Microsoft Internet Security and Acceleration Server

Infobox_Software
name = Microsoft Internet Security and Acceleration Server


caption = Screenshot of ISA 2004 in wizard view
developer = Microsoft
latest_release_version = [http://technet.microsoft.com/en-us/bb738392.aspx Microsoft Internet Security and Acceleration Server 2006]
latest_release_date =
operating_system = Microsoft Windows Server
genre = firewall, virtual private network, web cache
license = Proprietary
website = [http://www.microsoft.com/isaserver/default.mspx Microsoft Internet Security and Acceleration Server Homepage]

Microsoft Internet Security and Acceleration Server (ISA Server) is described by Microsoft as an "integrated edge security gateway". Originating as Microsoft Proxy Server, ISA is a Firewalling & Security product based on Microsoft Windows primarily designed to securely publish webservers and other server systems, provide Stateful, Application-Layer Firewalling, act as a VPN endpoint, and provide Internet Access for client systems in a Business Networking environment.

ISA 2000 and 2004 have also been included in the "Premium Edition" of Microsoft Small Business Server, as well as being sold as Appliance devices by a number of Third Party vendors.

Current Version

The present version of ISA Server is ISA 2006, released on 17th October 2006. ISA 2006 is designed to run on the Windows Server 2003 and Windows Server 2003 R2 platforms (ISA 2006 drops support for Windows 2000 as the host platform). ISA 2006 is a stateful packet and application layer inspection firewall, virtual private network and web cache (both forward caching and reverse caching) server.

ISA 2006 introduces a variety of improvements upon the previous version, ISA 2004, including support for authentication via Secure LDAP, (LDAPS) to multiple LDAPS providers or Active Directory forests, integrated support for Exchange 2007 (also backported to ISA 2004), support for publishing Microsoft SharePoint, Single sign-on, Cross-Array Link Translation, Web Publishing Load Balancing (with cookie-based affinity for Integrated NLBS) as well as variety of improvements to wizards such as a Branch Office VPN Connection Wizard, improved certificate management, and Link translation.ISA Server 2006 is only available in 32 bits. It also does not work on Windows 2008 due to the extensive changes of the IP stack.

Thanks to the rich SDK, ISA Server is a very extensible platform which has many 3rd party plug-ins and extensions available for it. This includes various products from ISA centric ISV's such as Winfrasoft http://www.winfrasoft.com (Backup for ISA Server, VPN-Q and X-Forwarded-For for ISA Server), Collective Software http://www.collectivesoftware.com (ClearTunnel, LockoutGuard, FlexForm etc) and other vendors.

Versions

Microsoft Proxy Server

The ISA Server product line originated with Microsoft Proxy Server. Microsoft Proxy Server v1.0 was first launched in January 1997,cite web | url = http://support.microsoft.com/lifecycle/?p1=2695 | title = Microsoft Support Lifecycle | accessdate = 2007-06-05] and was designed to run on the Windows NT 4.0 platform. Proxy Server v1.0 was a basic product designed to provide Internet Access for clients in a LAN Environment via TCP/IP. Although well-integrated into the NT4 platform,cite web | url = http://www.windowsecurity.com/articles/Microsoft_ISA_Server_Part_I__introduction_installation_configuration_Web_caching_and_Internet_access.html | title = Microsoft ISA Server | accessdate = 2007-06-05] Proxy Server v1.0 only had basic functionality, and came in only one edition. Extended support for Proxy Server v1.0 ended on March 31, 2002.

Proxy Server v2.0 was launched in December 1997,cite web | url = http://support.microsoft.com/lifecycle/?p1=2696 | title = Microsoft Support Lifecycle: Proxy Server 2.0 Standard Edition | accessdate = 2007-06-05] and included better NT Account Integration, improved Packet Filtering support, and support for a wider range of Network Protocols. Proxy Server v2.0 exited the extended support phase and hit End of Life on the 31st December 2004.

ISA 2000

On the 18th of March 2001, Microsoft launched ISA 2000. ISA 2000 introduced the "Standard" and "Enterprise" editions which ISA continues to ship under, with Enterprise-grade functionality such as High-Availability Clustering not included in the Standard Edition. ISA 2000 required Windows 2000 (any edition), and will also run on Windows Server 2003. In accordance with Microsoft's Support Lifecycle Policy, ISA 2000 was the first ISA product to use the 10 year support lifecycle with 5 years of "Mainstream" support and five years of "Extended" support. ISA 2000 reaches End of Life on the 12th of April 2011.

ISA 2004

ISA Server 2004 was released on the 8th September 2004. ISA 2004 introduced multi-networking support, integrated virtual private networking configuration, extensible user and authentication models, Application-Layer Firewall support, support for the H.323 protocol, Active Directory Integration, SecureNAT, Secure Server Publishing, and improved management features.

ISA Server 2004 Enterprise Edition included array support, integrated Network Load Balancing (NLB), and Cache Array Routing Protocol (CARP). One of the core capabilities of ISA Server 2004 was its ability to securely publish Web servers. For example, some organizations use ISA Server 2004 to publish their Exchange services (e.g., OWA, RPC over HTTP, ActiveSync, OMA). Using the "Forms-based Authentication" ("FBA") authentication type, ISA Server can be used to pre-authenticate web clients so that traffic from unauthenticated clients to published clients is not allowed.

Microsoft Internet Security and Acceleration Server 2004 is available in two editions, Standard and Enterprise. Enterprise Edition contains features enabling policies to be configured on an array level, rather than on individual ISA Servers, and load-balancing across multiple ISA Servers. Each edition of ISA Server is licensed per processor (the version included in Windows Small Business Server 2000/3 Premium includes licensing for 2 processors), and requires Windows Server 2003 Standard (32 bit) or Enterprise (32 bit) Edition server on which to run. Appliance hardware containing Windows 2003 Appliance Edition and ISA Server Standard Edition is available from a variety of Microsoft Partners. [cite web | url = http://www.microsoft.com/isaserver/hardware/default.mspx | title = Deploy ISA Server and IAG in Minutes with Hardware Solutions | accessdate = 2007-06-05]

Microsoft Threat Management Gateway

The next version of ISA server, codenamed "Nitrogen", will be released as Microsoft Forefront Threat Management Gateway [cite web
title = Microsoft Releases Beta of Integrated Security System Forefront “Stirling”
url = http://www.microsoft.com/presspass/press/2008/apr08/04-08ForefrontBetaPR.mspx
accessdate=2008-04-16
date=2008-04-08] . The product is currently under development.

The first beta was shipped at the end of 2007 but is currently under NDA. This version will run on Windows Server 2008 and will also be available in a 64-bit edition. It will also be included in Windows Essential Business Server. A 'first look' beta release is now publicly available as part of the beta of Microsoft Forefront codename "Stirling".

Timeline

ee also

* Windows Server System
* Microsoft Forefront

References

External links

* [http://www.microsoft.com/isaserver/default.mspx Microsoft Internet Security and Acceleration Server]
* [http://www.microsoft.com/technet/isa/default.mspx ISA Server TechCenter]
* [http://technet.microsoft.com/en-us/bb738392.aspx Evaluate ISA Server 2006 Enterprise Edition]