Summary
The capability to use a straightforward and robust method for securely accessing internal
organization assets is one of the key selling points to ISA Server 2006. ISA??™s VPN capabilities
are what make this type of access possible, offering multiple configuration methods
with PPTP or L2TP protocol support available. In addition, ISA??™s Application-layer filtering
support for VPN users, even after they have authenticated, further extends the security of
remote user access. A properly designed VPN solution using ISA Server 2006 therefore
extends the productivity of an environment without unnecessary security risks.
Best Practices
. Use a very strong RADIUS shared secret key comprising a random set of alpha,
numeric, and symbols. The key length should be between 22 and 128 characters and
it should be changed periodically.
. When configuring the ISA VPN server, be sure to check for alerts both in the ISA
Management console and in the server??™s event log. The RRAS service often logs
descriptive messages.
. Use the IPSec pre-shared key to verify VPN communication during troubleshooting;
this will help identify a problem with network or certificates.
Pages:
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478