A padlock will be displayed and
double clicking the padlock will display the remote computer??™s certifi cate. By doing
this the end user can see the following options:
?– Issued to: this will display the public host name to which the certifi cate is
issued.
?– Issued by: the certifi cate authority (CA).
?– Valid from: The valid from and valid to date of the certifi cate.
Confi guring ISA Server to Allow
Communication Between the Two Servers
The IAG 2007 actually has the 2006 ISA Firewall installed on it. The ISA confi guration
is maintained by IAG, making it a completely appropriate edge device. The ISA fi rewall
has never been compromised and has no security issues; because of this, it makes sense
to design an organization??™s SSL VPN on an IAG server.
IAG Firewall Rules (13)
With the IAG and ISA server so closely joined together, Microsoft has made creating
a portal with published applications and the related fi rewall changes in ISA server into
one process. When the IAG confi guration is changed and the confi guration activated,
IAG will update the related fi rewall rules in ISA.
The fi rst thirteen rules allowed in ISA were created during the installation of IAG.
Figure 8.13 shows the list of fi rewall rules created in ISA server by the IAG after the
confi guration was activated. For example, rule 11 shows protocol UDP on port 53 is
allowed to enter the fi rewall and go through to an internal server for all users.
Pages:
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324