|
 |
|
 |
 |
Dr. Tom Shinder's Configuring ISA Server 2004
|
by Thomas W. Shinder, Debra Littlejohn Shinder, and Martin Grasdal
Sales Rank: 183337
|
Discount: 34 %
List Price: $49.95
$36.46
At Amazon
|
|
Paperback: 1024 pages
Publisher: Syngress; 2 edition August 1, 2004
Language: English
ISBN-10: 1931836191
ISBN-13: 978-1931836197
Product Dimensions:
9.1 x 7 x 2 inches
Shipping Weight: 3.2 pounds
Book Description
Dr. Tom and Debra Shinder have become synonymous with Microsoft's flagship firewall product ISA Server, as a result of Tom's prominent role as a member of the beta development team, and Tom and Deb's featured placement on both Microsoft's ISA Server Web site and ISAserver.org. Tom and Deb's book on the first release of the product "Configuring ISA Server 2000" dominated the ISA Server 2000 book market having sold over 40,000 copies worldwide, and the ISA Server community is eagerly awaiting Tom and Deb's book on ISA Server 2004, which is the dramatically upgraded new release from Microsoft.
Dr. Tom and Debra Shinder have become synonymous with Microsoft's flagship firewall product ISA Server, as a result of Tom's prominent role as a member of the beta development team, and Tom and Deb's featured placement on both Microsoft's ISA Server Web site and ISAserver.org. Tom and Deb's book on the first release of the product "Configuring ISA Server 2000" dominated the ISA Server 2000 book market having sold over 40,000 copies worldwide, and the ISA Server community is eagerly awaiting Tom and Deb's book on ISA Server 2004, which is the dramatically upgraded new release from Microsoft. This book will be featured prominently on the ISAserver.org home page as well as referenced on Microsoft TechNet and ISA Server Web pages. Tom and Deb's unparalleled technical expertise combined with prime on-line marketing opportunities will make this the #1 book again in the ISA Server market.
* This book will provide readers with unparalleled information on installing, confiuguring, and troubleshooting ISA Server 2004 by teaching readers to: * Deploy ISA Server 2004 in small businesses and large organizations.
* Learn how to configure complex DMZ configurations using ISA Server 2004's new network awareness features and built-in multinetworking capabilities.
* Learn how to take advantage of ISA Server 2004's new VPN capabilities!
From the Author
This book is based in large part on our own trials and tribulations (as well as the occasional "Eureka!" moment) that weve experienced working with ISA Server 2004. In this book, we are talking to people much like ourselves – experienced Windows network administrators who want to secure their networks and speed up Web access for their users without having to make a full-time vocation of it, learn programming, recompile kernels, or struggle with a brand new command syntax. Were talking to people who want a security solution that is built to interoperate with their Windows domain controllers and Microsoft servers such as Exchange and SharePoint. Were talking to experienced ISA 2000 administrators, those who are brand new to the world of firewalls, and those who are migrating from third-party firewall products.
----Tom and Debra Littlejohn Shinder
Customer Reviews & Comments
ISA 2004 is Microsoft's latest and greatest entry into the firewall market and make no mistake as that is what it is - a high performance, sophisticated, deep application filtering, enterprise class, but easy to configure firewall with the ability to be a VPN server, produce boatloads of reports and logging, and integrate with Active Directory for user authentication, even if not a domain member, via IAS/radius and also cache web content - whew! It is a very significant upgrade from ISA 2004 and in my opinion much easier to configure. The author and his community groups were very involved in helping Microsoft to develop ISA 2004 with real world user feedback and wants. From reading the book Tom Shinder is obviously very enthusiastic about ISA 2004. This is not a book with a bunch of copy and pastes from the help files and Microsoft white papers. The authors are very familiar with ISA 2004 and network security and how to implement it in a number of different scenarios. There are many of the author's tricks and traps in configuration that can save you a lot of time setting up your ISA server. Each chapter ends with a summary "Solutions Fast Track" that are multi sentence main points of the chapter content followed by some helpful FAQ. Throughout the book are many references to Microsoft relevant articles and links to the author's website that is a great resource for any version of ISA. The focus of the book is not just on ISA 2004 but also the required network and client configuration to get everything working in harmony. The book is well organized and you do not have to read the whole book to learn how to implement ISA 2004. There is a whole chapter just on features including comparison to ISA 2000 and another on comparing ISA 2004 to other enterprise firewalls such as CheckPoint, Cisco, and Netscreen to help you determine if ISA is right for you. The myth that a real firewall can not have a hard drive and only be configured by highly paid firewall consultants via the command line is debunked. Chapter 4 shows you how to configure and optimize your network for firewall protection. Gone is the LAT and now each network adapter can be configured separate from each other [including access rules between them] and allows the use of a DMZ. Proper dns configuration is frequently explained, including "split dns" as propers dns name resolution is crucial for a network to funtion and is often misunderstood. Chapter 5 goes into detail on the firewall clients - secure NAT, Firewall Client, and web proxy and how to determine which are best for you and how to implement and configure them in an automated fashion using Group Policy, DHCP, or DNS. Secure NAT is simply using the ISA server as the default gateway for the client which allows it to be used by any operating system. Web proxy and Firewall Client can be used to require user authentication in an access rule! Of course other chapters cover firewall rules [access rules], web and server publishing, installation, dns configuration including "split dns", configuring caching, VPN, using built in templates, how to implement ssl, backing up and restoring configuration, intrusion detection, running reports, configuring/viewing logs, IAS/radius integration, and more. The chapter on VPN covers all the features including how to set up site to site VPN's using pptp, l2tp, or ipsec tunnel mode [for compatibility with third party devices]. ISA 2004 has the ability to create access rules to restrict what content the VPN users can access on the lan or internet and integrate with IAS/radius for user authentication. How to request and install certificates is shown for use with l2tp, ipsec, and web servers. The book is loaded with explicit step by step instructions such as for certificates so as not to leave the user scratching their head or trying to figure out exactly how to implement specific tasks. These step by step instructions will be of great help for the more novice ISA 2004 user. Publishing a web server and configuring it for ssl was covered in great detail for the various methods. Apparently this has been a problem point for ISA admins in the past [particualry proper certificate selection and installation] and the authors wanted to make sure users got it right. Chapter 10 on stateful inspection and application layer filtering is of note. ISA 2004 has some very powerful abilities in this regard. They are not difficult for the most part to configure which the authors covered well but in addition they listed tables of specific recommendations of lists for particular HTTP security filters. For instance you can have an access rule and configure HTTP filtering for extensions to prevent users from downloading executeable content including .zip files. I tried to block .mp3 downloads via HTTP and it worked well for that also. Various methods were shown how to prevent users from using progamas like Kazaa and P2P applications with the various categories in HTTP filtering including headers and signatures. The same HTTP filtering can also be used when you publish a web server behind ISA 2004 for advanced protection from the internet. Numerous examples of using the built in netmon to capture network traffic to help show you how to spot entries to add to HTTP filters were given. The logging and reports available with ISA 2004 give a great deal on information on what is going on with firewall access, intrusion detection, and user statistics. Chapter 12 shows you how to use the built in reports, create custom ones, and filter connected users and log views. It is easy to pull reports showing top websites visited, top web users, top protocols used, and top bandwidth users for instance. Most admins would find these reports very useful. It is easy to view currently connected users, including VPN, and what client they are using. ISA 2004 is an impressive product that is relatively easy to use. Much more so than ISA 2000 in my opinion which helps lower it's TCO. Most users will be able to get up and running in no time at all and then be able to investigate the more advanced features which are numerous. Tom and Deb Shinder's book Configuring ISA Server 2004 will be of great help to anyone who wants to get the most out of ISA 2004 and explore all it's possibilities and implement them on their network for maximum network protection.
Comment | Permalink |
(Report this)
|
Dr. Tom Shinder's Configuring ISA Server 2004
List Price: $49.95
Discount: 34 %
Available from Amazon
Price: $36.46
| |
|
|
|
|
