HP Microsoft Internet Security and Acceleration (ISA) Software manual Internal network overview

Page 9

No incoming traffic is allowed unless a system policy rule (listed previously) that specifically allows the traffic is enabled. The one exception is DHCP traffic, which is always allowed. That is, the UDP Send protocol on port 68 is allowed from all networks to the local host network. The corresponding UDP Receive protocol on port 67 is allowed.

VPN remote access clients cannot access the ISA Server. Similarly, access is denied to remote site networks in site-to-site VPN scenarios.

Any changes to the network configuration while in lockdown mode are applied only after the firewall service restarts and ISA Server exits lockdown mode. For example, if you physically move a network segment and reconfigure ISA Server to match the physical changes, the new topology is in effect only after ISA Server exits lockdown mode.

ISA Server does not trigger any alerts.

Leaving lockdown mode

When the firewall service restarts, the ISA Server exits lockdown mode and continues functioning as it did previously. Any changes made to the ISA Server configuration are applied after the ISA Server exits lockdown mode.

Internal network overview

The internal network consists of addresses on the protected network that are not associated with a perimeter or external network interface. Addresses on the LAN are typically part of the internal network. The ProLiant DL320 Security Server installation process depends on the correct configuration of the internal network adapter so that the server system policy is applied correctly. Network infrastructure services, such as Active Directory service domain controllers, internal DNS servers, DHCP servers, Microsoft® WINS servers, Terminal Services, ICMP, CIFS, and others depend on the correct configuration of the internal network.

Incorrect configuration of the internal network addresses could lead to a compromise of the ProLiant DL320 Security Server.

The internal network consists of a collection of addresses representing a portion of a network ID, an entire network ID, or several network IDs. The internal network can represent all addresses accessible from one or more network adapters.

Computer name and administrator password

Select a computer name for the ProLiant DL320 Security Server. The server name must be different from any other computer on the network. No two computers on the network can have the same name. The computer name must be 15 characters or less in length and include only letters, numbers, and non- alphanumeric characters (spaces are not allowed). See the computer name database if the server is installed on a larger network.

NOTE: If the ProLiant DL320 Security Server will join a domain, be sure to comply with existing domain- wide password policy.

The administrator account has complete access to all components of the ProLiant DL320 Security Server. Any person connecting to the ProLiant DL320 Security Server with the administrator account can take control of the firewall and attack the network. Use a complex and difficult-to-guess password for the administrator account to help prevent attackers from easily guessing the password.

Record and memorize the administrator password used for the ProLiant DL320 Security Server. Store the password in a protected location after the server installation is completed.

Initial setup considerations 9

Page 8 Page 10
Image 9
Page 8 Page 10
Contents HP ProLiant DL320 Security Server User Guide Audience assumptions Contents Network services support Before you contact HP Technical supportHP contact information Customer self repairHP customer support Overview IntroductionInitial setup considerations Firewall lockdown modeAffected functionality Computer name and administrator password Leaving lockdown modeInternal network overview Select StartControl PanelSystem Workgroup and domain name considerationsInternal IP address DNS server address on the internal interface Custom network adapter configurations External IP address Setting up the server Select the Enable Web Proxy clients checkboxEnabling the web listener Enabling the firewall client listener Creating an Internet access ruleHP Virus Throttle Configuring Virus ThrottleSuggested third-party applications Available verified third-party applications and plug-insAdditional documentation available from HP Managing and maintaining the firewall Microsoft Windows UpdateRemote desktop ServerRemote management console Remote AssistanceSelect StartHelp and Support Configuring firewall logging Configuring monitoring, reporting, and loggingConfiguring web proxy logging Click ApplyOKDNS Wpad entry Setting up the Client Installation ShareDhcp option Configuring time synchronizationBrowse OptionsRemote access VPN Disaster recovery and change management Backing up and restoring server settingsBacking up and restoring the system Scheduling backups Restoring original factory settingsNext Select ToolsOptionsAdvanced Network services support DNS serverDhcp server Network services support Hardening overview and impact Firewall and operating system services overviewClick Services and ApplicationsServices ProLiant DL320 Security Server servicesVDS TCP/IP Acronyms and abbreviations LAN WIA
Related manuals
Manual 1 pages 61.73 Kb Manual 4 pages 42.81 Kb

Microsoft Internet Security and Acceleration (ISA) Software specifications

HP Microsoft Internet Security and Acceleration (ISA) Software is a robust network security solution designed to safeguard business environments by offering a versatile platform for secure internet access. ISA Server integrates multiple functionalities that are essential for modern enterprise needs, helping organizations manage and protect their network infrastructure.

One of the main features of ISA Server is its firewall capabilities, which provide an essential barrier between internal networks and external threats. The software utilizes intelligent packet filtering to analyze incoming and outgoing traffic, ensuring that only legitimate communications are allowed while blocking potentially harmful activity. This helps to mitigate risks associated with external cyber threats and unauthorized access.

Another key feature is the built-in web caching technology. ISA Server improves network performance by caching frequently accessed websites and content. This reduces bandwidth usage and enhances response times for end-users, leading to increased productivity. By storing copies of web pages, ISA Server can serve them quickly to users, allowing enterprises to optimize their use of internet resources.

ISA Server also includes a powerful Virtual Private Network (VPN) feature, enabling secure remote access for employees. This technology supports secure connections over the internet, allowing users to access the corporate network and resources from anywhere in the world. The VPN capabilities ensure data encryption during transmission, protecting sensitive information from interception.

Moreover, ISA Server incorporates integrated threat management tools, which offer insights into potential security issues. These tools provide logging and reporting features that allow administrators to monitor traffic patterns and detect anomalies. This functionality is critical for identifying and responding to potential security breaches in real-time.

In addition to these features, ISA Server supports application-layer filtering, which enhances security further. This allows organizations to control access to specific applications and services while ensuring that malicious content cannot infiltrate the network.

Overall, HP Microsoft Internet Security and Acceleration Software is a comprehensive solution designed to address the complexities of network security in today’s digital landscape. Its combination of firewall protection, web caching, VPN capabilities, and application-layer filtering makes it an invaluable tool for organizations looking to secure their internet connectivity while optimizing performance and user experience. By leveraging advanced technologies and characteristics, ISA Server empowers businesses to operate safely and efficiently in an interconnected world.
Top Page Image Contents