ISAserver.org Blogs RSS

Welcome to our ISA Server blogs. The blogs are regularly updated with the latest news and information about Microsoft ISA Server, the Universal Threat Management firewall and caching server.

Thomas Shinder Blog - FEATURED RSS

Written by Dr Thomas W Shinder, consultant to Microsoft, HP and many Fortune 500 companies on ISA firewall and Web proxy deployments this blog is where administrators get information about ISA Server Universal Threat Management firewalls. Topics include how to manage, deploy, and troubleshoot ISA Server as a network firewall, Web proxy/Web cache, remote access VPN server and VPN gateway to provide a high level of network security for all corporate computers.

Visit the Thomas Shinder Blog

Stefaan Pouseele Blog RSS

Stefaan Pouseele, an ISA Server MVP, discusses issues brought up within various ISA articles and Microsoft publications. Updates to the ISA Firewall, protocol support, discussions on the different ISA clients, ISA features, how to clean up network traffic and links to new ISA server literature are all be included within the blog. Get help on troubleshooting the ISA network firewall and learn how to create good security policies. Coverage on ISA Server 2006 also appears.

Visit the Stefaan Pouseele Blog

Latest ISAserver blog posts

Troubleshooting OWA 2007 Publishing Rules on ISA Server 2006
Date - May 9th, 2008
Author - Thomas Shinder
Yuri Diogenes from Microsoft PSS has put together a great article on troubleshooting Outlook Web Access Publishing Rules. Check it out at: http://blogs.technet.com/isablog/archive/2008/04/29/troubleshooting-owa-2007-publishing-rules-on-isa-server-2006.aspx HTH, Tom Thomas W Shinder, M.D. Site: http://www.isaserver.org/ Blog: http://blogs.isaserver.org/shinder/GET THE NEW BOOK! Go to http://tinyurl.com/2gpoo8Email: tshinder@isaserver.org MVP — Microsoft Firewalls (ISA). more...
How Should ISA Firewall Rules Be Ordered?
Date - May 8th, 2008
Author - Thomas Shinder
It's difficult to give hard and fast information on how to best order the rules in your ISA Firewall rule set, since there are many exceptions that require understanding of how rules are processed. more...
Stop malware with MalwareDomains.com and ISA the Firewall
Date - May 7th, 2008
Author - Thomas Shinder
MalwareDomains.com provides a DNS blocklist of known malware domains. This list is natively used as a part of DNS configuration, however, the below tool will allow you to import the domains.txt definitions file into ISA Server as a URL Set or DNS Set. You can then create a deny access rule based on the imported list. Note that I have not tested this application yet, so use at your own risk :) Check it out at: http://sync-io.net/ISATools.aspx HTH, Tom Thomas W Shinder, M.D. more...
More Information on Publishing the Polycom Videoconferencing Unit
Date - May 6th, 2008
Author - Thomas Shinder
This is always in interesting area of conversation. Check out Mike Bazarewsky's answer to the problem at: http://demos.software-answers.com/CS/blogs/mike_bazarewsky/archive/2006/11/20/ISA-Server-2004-with-a-Polycom-7000e-VSX.aspx Also, check out Microsoft's solution: http://support.microsoft.com/kb/556039/en-us (which interestingly enough, it also done by Mike!) HTH, Tom Thomas W Shinder, M.D. more...
Freeware ISA Firewall Tool to Determine User Access
Date - May 5th, 2008
Author - Thomas Shinder
Ever wonder what access a specific user or group has through the ISA Firewall? While you could fish through your firewall policies and figure it out, sometimes there are so many rules controlling so many protocols and sites, it's hard to see the forest from the trees. In that case, you can use a new tool called ISA User Access Check. more...
DNS Settings for the Forefront Threat Management Gateway's (TMG) Interfaces
Date - May 4th, 2008
Author - Thomas Shinder
One of the more common troubleshooting issues with the ISA firewall has to do with the DNS settings on the firewall's interfaces. The same issues apply to the new TMG's interfaces. more...
Firewall Chaining and the Forefront Threat Management Gateway (TMG)
Date - May 1st, 2008
Author - Thomas Shinder
All versions of the ISA Firewall, as well as the TMG support Firewall chaining. Firewall chaining involve two or more ISA or TMG devices in an upstream and downstream configuration. The device closest to the Internet is considered the upstream device, while the device closest to the source requests is referred to at the downstream device. The advantage of using Firewall chaining is that you can deploy the downstream firewalls in a way that is transparent to your routing infrastructure. more...
Microsoft Announces the Next Version of the IAG -- The Forefront Unified Access Gateway
Date - Apr 30th, 2008
Author - Thomas Shinder
The Microsoft Intelligent Application Gateway 2007 (IAG 2007) is an SSL VPN gateway that supports all types of SSL VPNs. We've covered the IAG 2007 a bit on this site and look forward to even more comprehensive coverage in the future. One of the issues that have hamstrung our efforts to popularize the IAG is that no software version of the solution was available. That's where today's good news comes in. more...
The Next Version of the ISA Firewall - the Forefront Threat Management Gateway - Now Available for Download
Date - Apr 24th, 2008
Author - Thomas Shinder
Last week I told you guys about "Stirling", the sophisticated new technology that Microsoft will use to tie together all of the products that participate in the Forefront Security line of products, as well as some of Windows Server 2008 platform security technologies (such as NAP). I also provided a link to the Stirling download. more...
X-Forwarded-For ISA Server 2.0
Date - Apr 21st, 2008
Author - Thomas Shinder
Looking to add X-Forwarded-For functionality to your ISA Server proxy infrastructure like Squid, Apache, F5 Big-IP, Blue Coat, Cisco Cache Engine, Netcache etc? Now you can! Winfrasoft X-Forwarded-For for ISA Server adds the ability to track the source IP address of a client PC through a proxy server chain. This is very useful for log analysis when branch offices connect to the Internet via a head office proxy server, and many other scenarios where multiple proxy server layers are used. more...

Receive all the latest articles by email!

Receive Real-Time & Monthly ISAserver.org article updates in your mailbox. Enter your email below!
Click for Real-Time sample & Monthly sample

Become an ISAserver.org member!

Discuss your ISA Server issues with thousands of other ISA Server experts. Click here to join!

Solution Center