ISA Server is being deployed more often recently to
supplement security in many organizations, and this capability to ???play well??? with other
firewalls and security applications is a welcome improvement.
Utilizing ISA Server 2006 in Conjunction with Other Firewalls
A common deployment scenario for ISA Server 2006 systems has been as a reverse proxy
or dedicated VPN server that sits as a unihomed (single network card) server in the
Perimeter (DMZ) network of an existing firewall. This is where the integration of ISA with
other security devices really shines. The advantage to deploying ISA in this method is that
it serves as an additional layer of security in an existing environment, improving the environment??™s
overall security. Security works best in layers because it is more difficult to
24 CHAPTER 1 Introducing ISA Server 2006
compromise a system that has multiple mechanisms that must be defeated before an
unauthorized user is able to gain access.
To this end, ISA is proving to be a commonly used security tool that satisfies specific
needs, rather than a whole host of needs at once. For example, a large number of ISA
deployments serve a single purpose: to secure traffic to Outlook Web Access servers or
other web-related servers while sitting in the DMZ of an existing packet-layer firewall,
similar to what is shown in Figure 1.
Pages:
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112