ISA 2004 HTTP Security Filter – Will It Meet Its Potential?

ISA 2004 firewalls include a very powerful HTTP Security Filter. This filter allows you to block virtually any HTTP connection attempt, based on the settings you configure in the filter. The HTTP Security Filter allows you to configure the ISA 2004 firewall to perform detailed searches of the HTTP header and body, and block connections that match your criteria. When used properly, this has the potential to be the ISA 2004 firewall’s “killer app”. However, most firewall admins have to do double, triple, quadruple and quintuple duties. They don’t have time to make the ISA 2004 firewall their avocation. They need …

Disabling Spoof Detection in ISA 2004 Firewalls

Spoof detection in ISA 2004 firewalls is a handy feature that helps protect the firewall from spoof attacks. However, there are some circumstances that generate spurious spoofs, such as when implementing NLB. No problem! Here’s the fix, courtesy of our good friend, Barclay Neira:

284811 HOW TO: Disable the IP Spoofing Detection Feature in Internet Security and Acceleration Server

Here is the location you would need to update. All other information is the same:

HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/FwEng/Parameters

Thanks Barclay!

Fixes for Instant Messenger Related Problems

One of the most common problems seen on the Web boards and mailing lists is Instant Messenger related issues. How do you get them to work? How do you make them stop working? My solution is to remove the dreaded IM’ers from the users’ machines 🙂 However, if you want more information on how to get these things to work, check out: Microsoft ISA Server Message Boards: Tips for msn,yahoo,kazaa:;f=14;t=000096 Lots of very useful tips and tricks there. HTH, Tom

Cool Script for Auto Failover and Failback for Windows 2003 ISA Firewalls

A frequent request on the ISA boards is a script or other free method that you can use to fail over and fail back if you have multiple external interfaces. Custler, a frequent poster on the message boards, has posted a very nice script to get you started. Jim Harrison may jump in with a fix that will help it work in Windows 2000. Check it out here:;f=26;t=000012#000011 Thanks guys! Tom

The Mystery of the ISA 2004 Beta Newsgroups

I wrote to Jerry Bryant about putting some beta newsgroups for ISA 2004 on the Web site. Silly me, there were already ISA 2004 beta 2 newsgroups. The problem is that they’re very effectively hidden from public view! This explains why the level of activity in the “public” newsgroups for ISA 2004 is so much less than what I saw during the ISA 2000 beta. Anyhow, if you’re interested in getting involved with the public ISA 2004 Beta 2 newsgroups, here’s the secret sauce:

Viewing these Newsgroups with an NNTP Newsreader

Since these are private newsgroups, your server will …

Download New ISA 2000 Video Presentations

Microsoft has posted some video presentations that you can download and view at your leisure. Do what I do — burn these guys to a DVD and play them while flying from one gig to another. You can watch Martin Sargent reruns only so many times 🙂 With ISA Server 2004 now not that far away, Microsoft have released a bunch of ISA 2000 Presentations.

Internet Security and Acceleration Server Network Design for Microsoft .NET Applications

In this presentation you will learn how to design a network for multi-tiered Microsoft .NET applications. The session introduces each element of the architecture and …

Another TechEd ISA 2004 Session

If you’re planning on attending TechEd this year in San Diego, then you might be interested in another session that I’m doing. Here’s the info:

Date: May 25
Time: 5:00PM — 6:15PM
Code: SECC04
Description: ISA Server 2004 Enhanced Microsoft Exchange and VPN Services Support: How ISA Server Provides Enhanced Security for MS Exchange and VPN
Speaker Name: Tom Shinder — ISAServer.org
Code: Canbana4
Reg Type: COMM

I’ll talk about what’s new, what’s cool, and what’s unique about ISA 2004’s VPN and Exchange Server protection features. Hope to see you there!

Thanks!
Tom

Birds of a Feather Session for ISA Fans at TechEd in San Diego

If you’re an ISA firewall fan, and want to get together with other ISA aficionados, then check out the Birds of a Feather (BOF) session we’re putting together for TechEd. A number of ISA gurus (and me too) will be there! Here’s the rundown so far: Application layer firewalls are the present and future of secure network computing, and ISA firewalls set the standard. gurus and MVPs Tom Shinder, Chris Gregory, Jason Ballard and Jim Harrison crack open the case on ISA Server firewall placement and config. Bring your config and design questions to this interactive and info-packed session. …

Protecting Microsoft Exchange with ISA Server 2004 Firewalls: Integrating the ISA Firewall into an Established Network Infrastructure

If you didn’t already know, ISA firewalls are the firewalls for protecting Microsoft Exchange Servers. One of the things that hampers adoption is the belief by many firewall and network admins that they need to change up their current network topologies in a big way to support a new ISA firewall. Not true! Check out this article I posted today to see how easy it is to get ISA firewall protection without having to re-jigger your entire network infrastructure to support it.

Thanks!
Tom

DCOM Error Related to SMTP Message Screener

The ISA firewall’s SMTP Message Screener is pretty cool. It’s not a full-fledged spam whacker, but it provides a nice first line of defense against unwanted email. One thing that was a bit problematic with the ISA 2000 firewall’s SMTP Message Screener was that it depended on DCOM messages being passed between the SMTP relay with the SMTP Message Screener installed and the ISA firewall machine. You don’t see this problem if the SMTP Message Screener is on the ISA firewall itself, but you do see it if it’s on another machine. If you see an error that looks some …