It is highly recommended to implement strong password policies and authentication
auditing to effectively reduce the possibility of anyone quietly slipping into an
internal network. ISA VPN solutions support smart card??“based authentication, in addition
to third-party SecurID two-factor authentication mechanisms, so it is fairly straightforward
to include this additional security to an ISA implementation.
Designing an ISA Server 2006 VPN Infrastructure
When designing a VPN infrastructure, there are many important aspects to consider. These
considerations are largely based on an organization??™s current infrastructure and definitive
goals. Analyzing and making design decisions around these aspects early on allows for a
much more secure and robust VPN implementation, enhancing the overall functionality
of the network while providing a positive experience for end users.
Although there are almost unlimited network configuration possibilities, the ISA VPN
server is generally involved in two types of scenarios: It is either a member server in a
domain or a stand-alone workgroup server separate from a domain. Each configuration is
valid and has different advantages; each type of configuration should be evaluated and
implemented when appropriate.
Pages:
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406