ISA Server can act as a firewall as it is normally installed at a network perimeter and is used to block all unauthorized access to an internal network, and control access from internal network to the Internet. ISA Server provides packet filtering, stateful filtering, and application-layer filtering. ISA Server enables secure access to the Internet by ensuring that clients can access only the required resources on the Internet, and by ensuring that the connection and data transfer both to and from the Internet is secure.
ISA Server allows secure access from the Internet to internal network resources through the use of Web publishing rules, secure Web publishing rules, and server publishing rules. These publishing rules limit who can access the internal network and what can be viewed once the internal network is accessed.
ISA Server can enable secure access to e-mail servers by blocking attacks against those servers and filtering incoming mail for unwanted spam and attachments. ISA Server can also enable secure client connections to Exchange Server for clients using a variety of client protocols.
ISA Server can enable secure connections to internal network resources by enabled VPN connections for remote clients and sites. Virtual private networking allows secure remote access to resources on an organization’s internal network for users outside the network. The VPN is a virtual network that enables communication between a remote-access client and computers on the internal network or between two remote sites even though the computers might be in different locations and separated by a public network such as the Internet. ISA Server supports two VPN tunneling protocols: Point-to-Point Tunneling Protocol (PPTP) and Layer Two Tunneling Protocol with Internet Protocol security (L2TP/IPSec). PPTP uses Point-to-Point Protocol (PPP) user authentication methods and Microsoft Point-to-Point Encryption (MPPE) to encrypt IP traffic.
Implementing monitoring on ISA Server is a critical component of a successful ISA Server deployment. We can monitor traffic between networks to ensure that our access rules are configured correctly and that only the expected traffic is passing through ISA Server. By monitoring the computer running ISA Server, we can also gather information to use for planning modifications to the current ISA Server infrastructure. We can use the ISA Server Management Console to monitor several components on the ISA Server computer.