Intrusion detection. ISA Server comes with some built-in, basic IDS features. Internet Security Systems (ISS), the company that helped Microsoft develop ISA Server's IDS features, offers an enhanced product called RealSecure Server Sensor for ISA Server. The software is installed on ISA Server and provides hundreds of additional IDS checks that automatically update the server, unlike ISA Server's built-in IDS checks. RealSecure Server Sensor for ISA Server also monitors crucial local files and OS resources and can prevent buffer overflows. Unfortunately, this product doesn't work with ISA Server Enterprise edition.
URL filtering. Although ISA Server lets you block specific Web sites that contain objectionable content, many third-party add-ons let you automate and simplify the Web-filtering process. Secure Computing's SmartFilter URL filter plugin for ISA Server approves or denies Web content based on your predefined settings. SmartFilter comes with a list of more than 2 million previously reviewed Web sites and lets you block additional sites by keywords or file types. Denied content can generate a message to the user explaining the denial or coach the user to follow approved corporate policy.
Wavecrest Computing's CyBlock Web filter lets you approve or deny access to specific Web sites and Web site categories (e.g., chat, porn, news). The filter lets users access only specific sites and lets you manage users individually or as part of a group. Wavecrest Computing's other product, Cyfin Reporter, reads ISA Server logs so that you can generate reports to analyze Web-access activity and bandwidth performance.
CornerPost Software's Chaperon 2000 filters Internet content and offers a few features the competition doesn't have. In addition to alerting you to users who are trying to access objectionable content, the software can report on users specifically trying to circumvent the filter. This functionality is especially important to counteract the new hacker tools designed specifically to allow filter circumvention. Even if the user is initially successful in getting around Chaperon, if the software notes inappropriate content, it flags the Web site and alerts the administrator. Chaperon's blocked URL list is updated every 2 hours. CornerPost Software also sells Surrogate Socket 5.0 to provide SOCKSv5 support for ISA Server (which typically supports only SOCKSv4).
8e6 Technologies' 8e6 for Microsoft ISA Server 2000 Internet filter software monitors and blocks objectionable Web site traffic. The software monitors search engines for inappropriate keywords and adds new blocked sites daily. You can block Web sites by group or for individual users. The software also lets you produce Internet monitoring reports by Web site IP address, domain name, authentication type, and category.
The SurfControl Web Filter for Microsoft ISA Server software works as an ISA Server ISAPI plugin that monitors and blocks inappropriate content. The software can filter according to Web site, directory, page, time, bandwidth, or byte quotas and can alert you by email when a rule is triggered. SurfControl Web Filter contains more than 55 standard reports, and you can monitor specific users and sites in realtime.
Websense Enterprise, Microsoft ISA Server Edition monitors and blocks Web sites using categories, keywords, time-based quotas, and time of day. The software categorizes more than 4 million sites, includes more than 60 reports, and supports non-American languages.
User authentication. ISA Server depends on Microsoft's typical Windows authentication mechanisms. Third-party user authentication systems add checks and external hardware keys (called two-factor authentication) to increase user identity reliance. Authenex's AOne uses ISA Server with Authenex Strong Access Control (ASAC) and Authenex Strong Authentication System (ASAS) to provide access control for Internet users. ISA Server provides the firewall, cache, and VPN, and the AOne solution provides user authentication and control. Internal or remote users must have an authentication password and a physical access key (called an A-Key) to use company resources over the Internet. ASAC lets you restrict users by time, destination, or content.
RSA Security's cryptographic offerings are popular in the industry. RSA Security uses RSA ACE/Agent for Windows 2000 software, RSA ACE/Server software installed on ISA Server, and physical RSA SecurID smart cards for two-factor authentication. Users must know their secret PIN and use their cryptographically unique SecurID device to gain access to their company's Internet resources.
By itself, ISA Server is a formidable network security product. Coupled with any of Microsoft's ISA Server partner products, it's an even better perimeter tool. I couldn't cover every ISA Server add-on here, but you can visit ISAserver.org at http://www.isaserver.org/software for a broad list of available products and additional discussion.
End of Article
Prev. page
1
2
3
[4]
next page -->
