ISA server is an upgraded version of Microsoft proxy server with built-in firewall and proxy firewall capabilities. It functions as a firewall, web cache, and VPN server to protect networks. As a firewall, it uses packet filtering, application gateways, and stateful inspection to control access based on source/destination IP addresses, ports, applications, and traffic rules. It also provides features like server publishing, intrusion detection, quality of service controls, and centralized management of multiple servers through arrays.

2. What is ISA Server :- ISA server is a upgraded version of Microsoft proxy server 2.0 with inbuilt FIREWALL PROXY FIREWALL

3. Proxy server :- It’s a server which emulates as a web server 192.168.1.2 Client Proxy Server 192.168.1.1 Zoom.com Internet

4. HACKING : - Taking over your resources or attempt to bring down your server Types of ATTACK: - 1. Foot printing :- The way to know the OS and IP of server 2. Scanning :- Scanning system for bugs and loopholes 3. DOS Attacks : - Denial Of Service 4. Exploits : - Writing scripts to bring down server 5. Trojans : - Sending viruses to steal the DATA 6. Port Scan : - Scanning ports for getting into applications ETC………

5. Types of Attacks 1. Foot Printing The Art of gathering the complete security profiles of an Organization or a Target Computer By using a combination of Tools and Techniques, The Hacker can take up the system and determine its Ip address and Domain names

6. Types of Attacks 2. Scanning Scanning the System for Bugs and Loopholes in O/S Hacker uses scanning technique to determine which Ports Are open, what services are running and what is the O/S E.G: RETINA, Shadow Security scanner, ANSIL etc

7. Types of Attacks 3. DOS Attack Denial of Service attack which is an attempt to get the Services or the server down by overflowing the buffer E.G: Win spoof 97, My Spoof

8. Types of Attacks 4. Exploits Exploits are usually Bugs in Applications or O/S which can be Exploited by using a piece of Code often referred as Scripts E.G: CGI scripts, Perl scripts etc

9. Types of Attacks 5. Trojan Horses Trojan Horses is program that pretends to be a useful tool But actually installs malicious or damaging software Trojan Horses can be used to take over the Remote System. Sending viruses to steal the Data E.G. Netbus , Bo2k

10. Types of Attacks 6. Port Scanner Scanning the port to get into the Application E.G: Port Scanner, etc

11. What is a Firewall : - A firewall protects networked computers from intentional hostile intrusions Software Firewall : - Hardware Firewall : - ISA Server Checkpoint Smooth wall Cisco Pix Watch Guard Multicom Ethernet II…..

12. Types of FIREWALL Packet Filtering e.g.. ROUTERS Controls data transfer based on Source & Destination IP Address TCP/UDP Port of Source & Destination IP Address Packets are allowed or dropped through the device depending on the Access Control List

13. Application Gateway eg. PROXY SERVER Packets are allowed based on type of application and IP address Filter Application specific commands such as: HTTP:GET and POST etc Application level Gateways can also be used to: To Log User Activity and Logins

14. Statefull Multilayer Inspection This is a full fledged firewall which combines the aspects of other two types of firewalls and is capable of intrusion detection server publishing etc…. eg. ISA SERVER

15. Flavors of ISA Server Enterprise and Array policies Local only Policy based Support No limit 4 cpu’s only Scalability Multiple server with Centralized Management Standalone only Server Deployment Enterprise Edition Standard Edition

16. ISA Server requirements : - Member server or Domain Controller Service pack 1 or above Two interface (public and private) Routing and Remote Access Pentium III 300MHz or above 256 Mb Ram 20 Mb of Hard Disk space on NTFS 5.0

17. Array considerations Arrays allow a group of ISA Server computers to be treated and managed as a single, logical entity. They provide scalability, fault tolerance, and load balancing All array members must be in the same Windows 2000 domain and in the same site

18. Enterprise Vs Standalone Policies No . Only a local array policy can be applied. Yes . A single policy can be applied to all arrays in the enterprise. Enterprise policy No need for 2000 Domain Can be installed in Windows NT 4.0 domains. Configuration information is stored in the registry. Must be installed only in Windows 2000 domains with Active Directory installed. Active Directory requirement Limited to only one member. Can have one or more member servers. Scalability and fault tolerance Stand-alone server Array

19. Enterprise Tiered Policy ISA Server Enterprise Edition supports two levels of policy: array level and enterprise level Array

20. ISA SERVER MODES 1. Firewall mode

21. ISA SERVER MODES Firewall mode Cache mode

22. ISA SERVER MODES Firewall mode Cache mode Integrated mode

23. Key features Internet Firewall (Intrusion detection)

24. Key features Internet Firewall (Intrusion detection) Secure Server Publishing

25. Key features Internet Firewall (Intrusion detection) Secure Server Publishing Web Caching Server

26. Key features Internet Firewall (Intrusion detection) Secure Server Publishing Web Caching Server Secure NAT

27. Key features Internet Firewall (Intrusion detection) Secure Server Publishing Web Caching Server Secure NAT Integrated VPN

28. Key features Internet Firewall (Intrusion detection) Secure Server Publishing Web Caching Server Secure NAT Integrated VPN Tiered-Policy Management

29. Key features Internet Firewall (Intrusion detection) Secure Server Publishing Web Caching Server Secure NAT Integrated VPN Tiered-Policy Management QOS(Quality Of Service)

30. Key features Internet Firewall (Intrusion detection) Secure Server Publishing Web Caching Server Secure NAT Integrated VPN Tiered-Policy Management QOS(Quality Of Service) Multiprocessor Support

31. Key features Internet Firewall (Intrusion detection) Secure Server Publishing Web Caching Server Secure NAT Integrated VPN Tiered-Policy Management QOS(Quality Of Service) Multiprocessor Support Client Side Auto Discovery

32. Key features Internet Firewall (Intrusion detection) Secure Server Publishing Web Caching Server Secure NAT Integrated VPN Tiered-Policy Management QOS(Quality Of Service) Multiprocessor Support Client Side Auto Discovery Web Filters

33. Key features Internet Firewall (Intrusion detection) Secure Server Publishing Web Caching Server Secure NAT Integrated VPN Tiered-Policy Management QOS(Quality Of Service) Multiprocessor Support Client Side Auto Discovery Web Filters Alerts

34. Types of Client SECURE NAT Clients WEB Clients FIREWALL Clients

35. Access is Controlled based on :- Client address sets Destination sets Protocols Bandwidth priorities