Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Enabling Access
to Internet
Resources
Overview
Is the …
User allowed access?
Computer allowed
access?
Protocol allowed?
Destination allowed?
Content allowed?
ISA
Serv
er
Web
Serv
er
Proxy
Server
Why Use a Proxy Server?
Is the …
User allowed
access?
Protocol
3 allowed?
Destination
allowed?
6
1 5
2
4
ISA Web
Server Server
What Is a Reverse Web Proxy
Server?
Is the …
Request
allowed?
Web Protocol
Server allowed?
Destination
3 DNS
allowed?
Server
4
5 2 1
ISA 6
Server
How to Configure ISA Server as a
Proxy Server
DNS Configuration for Internet
Access
Inter
net
Head Office
How to Configure Dial-Up
Connections
Enable dial-
up
for
connection
s
to this
network
Use this
dial-up
connection
Logon
using
this
account
Practice: Configuring ISA Server as a
Web Proxy Server
Internet
Den-DC-01
Lesson: Configuring Multi-
Networking on ISA Server
Network Sets
LAN2 Perimeter2
Default Networks Enabled in ISA
Server
Network
Includes
Object
All computers connected to a
Network
single network interface
Network Set One or more networks
A single computer identified by
Computer
an IP address included in
All computers
Computer Set specified computer, subnet or
address range identified
All computers objects by
Address Range continuous
IP
Alladdresses
computers on a specified
Subnet
subnet
URL Set All specified URLs
Domain Name
All specified domain names
Set
The IP address on which the ISA
Web Listener
Server listens for connections
How to Create and Modify
Network Objects
Click Firewall
Policy,
Toolbox, then
Network
Objects
Click Networks,
then Networks or
Network Sets
What Are Network Rules?
Route connection:
• A route relationship is bidirectional
• If a routed relationship is defined
from network A
to network B, a routed relationship
also exists from network B to network
A
NAT connection:
A NAT relationship is directional
Addresses from the source network
are always translated when passing
through ISA Server
Practice: Managing Network
Objects
Internet
Den-DC-01
Lesson: Configuring Access Rule
Elements
Access Rule
Used to Configure
Element
The protocols that will be
Protocols allowed or denied by an
access rule
The users that will be allowed
Users
or denied by an access rule
The content type that will be
Content Types allowed or denied by an
access rule
The time of day when Internet
Schedules access will be allowed or
denied by an access rule
The computers or destinations
Network Objects that will be allowed or denied
by an access rule
How to Configure Protocol
Elements
How to Configure User Elements
How to Configure Content Type
Elements
Define the
MIME
types and file
extensions to
include
How to Configure Schedule
Elements
Define the
times when
this schedule
is active or
inactive
How to Configure Domain Name
Sets and URL Sets
Internet
Den-DC-01
Lesson: Configuring Access Rules for
Internet Access
Access rules
always define: Destination
Network
Allo
Destination IP
w U Destination
Deny ser Site
action on traffic from user from source to destination
with conditions
Protocol
Source Schedule
IP
network Content
Port/Typ
Source IP Type
e
How Network Rules and Access
Rules Are Applied
Network Access
Rules 3 Rules
4
5
2 6
ISA Web
Server Server
Domain
Controller
About Authentication and
Internet Access
Configure
additional
Configure filtering
maximum options
header length
Configure
maximum
payload
length
Configure
maximum URL
and query
length
Practice: Managing Access Rules
Den-ISA-01
Internet
Den-Clt-01Den-DC-01
How to Troubleshoot Access to
Internet Resources
Exercise 1: Configuring
ISA Server Access Rule
Elements
Exercise 2: Configuring
ISA Server Access Rules
Exercise 3: Testing ISA
Server Access Rules
Den-ISA-01
Internet
Den-DC-01
Den-ISA-02