Although standard packet filter firewalls are limited to
opening a port for HTTP, ISA Server 2006 includes the capability
to filter the HTTP traffic by host header, path,
content type, HTTP commands, and a whole host of other
filter options.
In addition to providing for secure web-filtering options as
an edge firewall, ISA Server 2006 also provides for robust
reverse-proxy options in the DMZ of an existing firewall,
allowing for additional layers of protection and providing
for capabilities such as end-to-end SSL encryption, link
translation, and more.
This chapter focuses on ISA Server 2006??™s HTTP securing
capabilities. ISA deployment scenarios as an edge firewall
and a reverse-proxy server are outlined, and step-by-step
guides for securing web servers, SharePoint sites, and other
custom web applications are outlined.
382 CHAPTER 14 Securing Web (HTTP) Traffic
Outlining the Inherent Threat in Web Traffic
The Internet provides somewhat of a catch-22 when it comes to its goal and purpose. On
one hand, the Internet is designed to allow anywhere, anytime access to information,
linking systems around the world together and enabling free exchange of that information.
Pages:
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622