I’ve just spotted the book on Amazon so will toddle off to get it.

All the best,

Sam

It’s a great list! The contest has been over for awihle though

Tom

Support of secure LDAP authentication rather than sniffable LDAP support
LDAPS for publishing authentication for to multiple forests making LDAP auth a secure, slick, and simple replacement for RADIUS/ RADIUS proxy services
Built in wizard for Exchange 2007 publishing
Built in wizard for Microsoft SharePoint publishing
Return of the VPN wizard, for branch office connections etc
VPN unattended answer file support
Supports single sign-on, if you visit web sites in the same domain and by the same web lisener you’ll use cached credentials rather than having to re-authenticate
Cross-Array link translation allowing published web sites across multiple arrays with global entries within the link translation dictionary
Ability to perform website load balancing on the cheap
Forms based authentication for all published web sites
Support for password changes on the log in page
Log on form warns users about pending password expiration
Better support for hardware SSL kit when using ms network load balancing
Lets you add multiple VIP’s through the web interface rather than having to configure your NIC
Improved flood resiliency, i.e. more options
Log throttling to protect the server from DOS against itself
Web Publishing Load Balancing with cookie-based affinity for Integrated NLBS
Better certificate management and Link translation
Support for published configuration storage servers
Improved MOM management pack
Logging supports logging the referring server for connections made to published servers

And for good measure, some things that have been removed…

ISA 2006 drops support for Windows 2000 as the host platform (no great loss there then)
ISA 2006 isn’t yet EAL4+ certified (come on ISA 2006, you can do it!)

Apologies to any writers of ISA books who may have been plagiarised in the making of this post…. at least I’ve bought your other books, which continue to save my bacon on most ISA installations!

Kind Regards

Sam

… ISA 2006 also has:

- Flexible forms based authentication filter (not just for exchange)
- More wizards for publishing SharePoint
- Updated wizards to include RPC/HTTP (oops, Outlook Anywhere access as its now called)
- Web single sign on
- RADIUS one time password authentication - saves the bacon of 2 factor auth companies
- User objects allowed from LDAP namespace
- VERY flexible authentication delegation e.g. forms/basic/certificate to Kerberos (and many more combinations)

Strange new things:
- For some bizarre reason a “Server publishing rule” is now a “non-web server protocol publishing rule” - sheeeesh!
- There is no longer a “Firewall Client” option in the setup, it’s just vanished. The binaries don’t seem to be included in the serve install either but there is a client folder on the installation CD - MSFT, why did you do this???

I don’t want to focus on the dark side as ISA 2006 is great, but we are still missing:
- 1:1 NAT - for some reason MS don’t realise that every other firewall, even low cost silly ones, can do this and ISA needs to also!
- VPN access based on VPN protocol (either PPTP or L2TP/IPSEC), you can do this already in RRAS but not in ISA.
- AES encryption for VPN’s - again MS need to play catch up on the basic infrastructure.
- Central management for ISA SE
- Simple certificate wizard for requesting certs and generation self signed ones, a bit like SBS and Exchange 2007 can do.

It’s not 20 I know, but I’ve already got the book

Steven Hope
Architectural Consultant
ViRCOM
Microsoft Gold Certified Partner
Web: www.vircom.co.uk
Email: steven@vircom.co.uk
Blog: http://spaces.msn.com/members/stevenhope