Part Number: X08-53242
Released: 1/2001
Delivery Guide
Deploying and Managing
Microsoft
®
Internet Security and
Acceleration Server 2000
Course Number: 2159A
Information in this document is subject to change without notice. The names of companies,
products, people, characters, and/or data mentioned herein are fictitious and are in no way intended
to represent any real individual, company, product, or event, unless otherwise noted. Complying
with all applicable copyright laws is the responsibility of the user. No part of this document may
be reproduced or transmitted in any form or by any means, electronic or mechanical, for any
purpose, without the express written permission of Microsoft Corporation. If, however, your only
means of access is electronic, permission to print one copy is hereby granted.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual
property rights covering subject matter in this document. Except as expressly provided in any
written license agreement from Microsoft, the furnishing of this document does not give you any
license to these patents, trademarks, copyrights, or other intellectual property.
2001 Microsoft Corporation. All rights reserved.
Microsoft, Active Directory, ActiveX, BackOffice, FrontPage, JScript, MS-DOS, NetMeeting,
Outlook, PowerPoint, Visual Basic, Visual C++, Visual Studio, Windows, Windows Media, and
Windows NT are either registered trademarks or trademarks of Microsoft Corporation in the
U.S.A. and/or other countries.
Other product and company names mentioned herein may be the trademarks of their respective
owners.
Course Number: 2159A
Part Number: X08-53242
Released: 1/2001
Deploying and Managing Microsoft Internet Security and Acceleration Server 2000 iii
Contents
Introduction
Course Materials ......................................................................................................2
Prerequisites.............................................................................................................3
Course Outline .........................................................................................................4
Setup ........................................................................................................................6
Microsoft Official Curriculum.................................................................................8
Microsoft Certified Professional Program ...............................................................9
Facilities.................................................................................................................11
Module 1: Overview of Microsoft ISA Server
Overview..................................................................................................................1
Introducing ISA Server............................................................................................2
Using Caching..........................................................................................................8
Using Firewalls ......................................................................................................11
Deployment Scenarios for ISA Server...................................................................19
Review ...................................................................................................................24
Module 2: Installing and Maintaining ISA Server
Overview..................................................................................................................1
Installing ISA Server................................................................................................2
Installing and Configuring ISA Server Clients ......................................................15
Lab A: Installing ISA Server and Configuring Clients..........................................24
Maintaining ISA Server .........................................................................................36
Lab B: Configuring ISA Server .............................................................................44
Review ...................................................................................................................51
Module 3: Enabling Secure Internet Access
Overview..................................................................................................................1
Access Policy and Rules Overview .........................................................................2
Creating Policy Elements.........................................................................................6
Configuring Access Policies and Rules .................................................................18
Configuring Bandwidth Rules ...............................................................................24
Using ISA Server Authentication ..........................................................................28
Lab A: Enabling Secure Internet Access ...............................................................35
Review ...................................................................................................................52
Module 4: Configuring Caching
Overview..................................................................................................................1
Cache Overview.......................................................................................................2
Configuring Cache Policy........................................................................................6
Configuring Cache Settings ...................................................................................17
Configuring Scheduled Content Downloads..........................................................20
Lab A: Configuring Caching .................................................................................22
Review ...................................................................................................................29
iv Deploying and Managing Microsoft Internet Security and Acceleration Server 2000
Module 5: Configuring Access for Remote Clients and Networks
Overview................................................................................................................. 1
VPN Overview........................................................................................................ 2
Configuring VPNs .................................................................................................. 6
Lab A: Configuring Virtual Private Networks...................................................... 12
Review .................................................................................................................. 20
Module 6: Configuring the Firewall
Overview................................................................................................................. 1
Securing the Server ................................................................................................. 2
Examining Perimeter Networks .............................................................................. 6
Examining Packet Filtering and IP Routing.......................................................... 10
Configuring Packet Filtering and IP Routing........................................................ 17
Configuring Application Filters ............................................................................ 24
Lab A: Configuring the Firewall........................................................................... 35
Review .................................................................................................................. 45
Module 7: Configuring Access to Internal Resources
Overview................................................................................................................. 1
Introduction to Publishing....................................................................................... 2
Configuring Web Publishing ................................................................................ 10
Configuring Server Publishing.............................................................................. 20
Adding an H.323 Gatekeeper................................................................................ 27
Lab A: Configuring Access to Internal Resources................................................ 32
Review .................................................................................................................. 45
Module 8: Monitoring and Reporting
Overview................................................................................................................. 1
Planning a Monitoring and Reporting Strategy....................................................... 2
Monitoring Intrusion Detection .............................................................................. 3
Monitoring ISA Server Activity............................................................................ 14
Analyzing ISA Server Activity by Using Reports ................................................ 19
Monitoring Real-Time Activity ............................................................................ 27
Testing the ISA Server Configuration................................................................... 32
Lab A: Monitoring and Reporting......................................................................... 34
Review .................................................................................................................. 41
Module 9: Configuring ISA Server for an Enterprise
Overview................................................................................................................. 1
Introducing ISA Server Enterprise Edition ............................................................. 2
Installing ISA Server in the Enterprise ................................................................... 7
Using Enterprise Policies and Array Policies ....................................................... 19
Managing Network Connections .......................................................................... 25
Scaling ISA Server................................................................................................ 36
Extending and Automating ISA Server Functionality .......................................... 42
Lab A: Configuring ISA Server for the Enterprise ............................................... 47
Review .................................................................................................................. 58
Appendix A
Deploying and Managing Microsoft Internet Security and Acceleration Server 2000 v
About This Course
This section provides you with a brief description of the course, audience,
suggested prerequisites, and course objectives.
Description
This three-day instructor-led course provides information technology (IT)
professionals with the knowledge and skills to deploy and manage Microsoft
®
Internet Security and Acceleration (ISA) Server 2000.
Audience
This course is designed specifically for IT professionals and is not intended for
network architects. Three of the major job roles performed by IT professionals
to be addressed by this course include:
Web administrators. Responsible for securing external access to internal
Web servers.
Network administrators. Responsible for monitoring and administering
internal network traffic.
Security administrators. Responsible for security of the network.
Student Prerequisites
This course requires that students meet the following prerequisites:
Successful completion of Course 2152, Implementing Microsoft
Windows 2000 Professional and Server, or equivalent knowledge of
Microsoft Windows
®
2000 Professional and Server.
Successful completion of Course 2153, Implementing a Microsoft
Windows 2000 Network Infrastructure.
Course Objectives
After completing this course, the student will be able to:
Explain the role of ISA Server in an enterprise network.
Install and configure ISA Server as a cache server and as a firewall.
Configure access policies to enable secure Internet access for client
computers.
Configure ISA Server as a cache server.
Configure ISA Server as a virtual private network (VPN).
Configure ISA Server as a firewall.
Configure access to selected internal resources.
Monitor ISA Server activities by using alerts, logging, reporting, and real-
time monitoring.
Install and configure ISA Server in an enterprise environment.