6 Examining an ISA deployment at a small organization.
130 CHAPTER 4 Designing an ISA Server 2006 Environment
OrganizationY deployed a single ISA Server 2006 Standard Edition server with six network
cards, as illustrated in Figure 4.7. Each network card is attached to a separate physical
network within the organization, as follows:
. Internet
. DMZ network
. Wireless access network
. First-floor client network
. Second-floor client network
. Server network
The ISA server is configured to allow only specific types of traffic from the client, wireless,
and DMZ networks to the server network. Specifically, the server is configured to filter
RPC traffic to allow only MAPI access to an Exchange server, print functionality to a
specific print server, and similar rules.
By deploying ISA in this manner, OrganizationY is able to mitigate the threat posed by
viruses or exploits that may infect their deployed workstations.
Wireless Access Point Network
ISA
Firewall Internet
DMZ Network
Server Network
1st Floor Client Network
2nd Floor Client Network
FIGURE 4.7 Examining an ISA deployment at a mid-sized organization.
131
4
Designing ISA Server 2006 for Organizations of Varying Sizes
Examining an ISA Server 2006 Deployment for a Large Organization
CompanyA is a large financial services organization with 20,000 employees distributed
among three major sites in New York, Tokyo, and Paris.
Pages:
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272