Examining the Rules Added to the ISA Confi guration
Any time the IAG has a confi guration change and when the ???activate the confi guration???
button is depressed, IAG will update the related ISA fi rewall rules.
In our demonstration for this chapter, both ISA 2006 and IAG 2007 are installed
on the same server (SRV1). In the process of adding the OWA application and confi guring
the IAG, some 13 new rules are created on the ISA 2007 server. Also, additional ???ALLOW
RULES??? are created when you update the portal trunk confi guration.
ISA Rules
One newly created fi rewall rule on the ISA server called AUTH#001, allows network
traffi c from the IAG server to the domain controller. This new rule is for authentication
purposes only.
Using Outlook Web Access through the Intelligent Application Gateway ??? Chapter 9 353
The next rule, Trunk#001, allows network traffi c from client computers to the IAG
server on HTTPS port 443, which is the IAG portal Web site.
These rules and many more can be reviewed in the ISA Server Manager console.
Securing the Outlook Web Access Interface
Securing the OWA is straightforward with no hidden complicated procedures, and can
be accomplished in approximately 5 minutes or less in most circumstances.
In this demonstration, you will defi ne endpoint policies. ???Endpoint policies??? is another
term for client computers. Endpoint policies allow you to specify required security
confi guration settings on the client computers.
Pages:
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352