Mr BA
26-08-2009, 12:29
Contents
Introduction
Scope of This Guide
Securing the ISA Server Computer
Managing Updates
Physical Access
Hardening the Windows Infrastructure
ISA Server Server Roles
ISA Server Server Tasks
ISA Server Client Roles
Creating a Security Template
Managing Permissions and Roles
Administrative Roles
Permissions
Access Control Lists
Reducing the Attack Surface
Disabling ISA Server Features
System Policy
Lockdown Mode
Affected Functionality
Leaving Lockdown Mode
Securing the Configuration
Validating Configuration After Upgrade
Validating the Firewall Policy Configuration
Virtual Private Networking
Virus Protection with VPN
Authentication for VPN
Link Translation
Connection Limits
Firewall Clients
Securing the Deployment
Authentication
Using RADIUS Servers
Verifying Connectivity to Authentication Servers
Deploying Authentication Servers
DNS Servers
Monitoring and Troubleshooting
Logging
Log Storage Limits
Auditing
Additional Resources