Manuals / HP / Computer Equipment / Software

HP Microsoft Internet Security and Acceleration (ISA) Software Creating an Internet access rule

Models: Microsoft Internet Security and Acceleration (ISA) Software

1 37
Download 37 pages 12.14 Kb
Page 16
Image 16

and read by network analyzers because they are not encrypted. However, all browsers support basic authentication.

12.In the Authentication dialog box, click OK.

13.In the Internal Properties dialog box, click Apply>OK.

14.Click Apply at the top of the details pane to save the changes and update the firewall policy.

Enabling the firewall client listener

The firewall client is an optional client-side software component that can be installed to enhance the level of security and accessibility for those host systems. The firewall client software can be installed on all 32- bit Microsoft® Windows® operating systems. The firewall client software provides the following benefits:

User credentials are transparently sent to the ProLiant DL320 Security Server, which enables user- level authentication for access control.

All Winsock applications are supported, including those requiring complex protocols (such as FTP, games, and voice or video applications).

The firewall client computer is independent of the default gateway configuration because it forwards Internet connection requests directly to the internal IP address of the server.

The firewall client software is optional. However, enabling the firewall client listener allows the ProLiant DL320 Security Server to accept incoming connection requests from firewall clients.

To enable the firewall client listener on the server:

1.In the scope pane of the ISA Server console, expand the server name, expand the Configuration node, and click the Networks node.

2.In the details pane, click the Networks tab.

3.In the list of networks, right-click the internal network, and click Properties.

4.In the Internal Properties dialog box, click the Firewall Client tab.

5.On the Firewall Client tab, select the Enable Firewall client support for this network checkbox. Do not change the ISA Server name or IP address default settings. Change this setting later, depending on whether a DNS server is on the LAN.

6.Click Apply, and then click OK in the Internal Properties dialog box.

7.Click Apply at the top of the details pane to save the changes and update the firewall policy.

Creating an Internet access rule

After installing the ProLiant DL320 Security Server, all traffic from internal network clients to the Internet is blocked. This default configuration provides a high level of security and prevents both internal and external users from accessing content through the server.

Connect to the Internet through the ProLiant DL320 Security Server immediately after it is installed. The simplest client configuration is the Secure NAT client. To connect internal network clients to the Internet as quickly as possible but still remain secure from external threats, confirm the following:

The default gateway setting on the LAN computers is set to the IP address of the internal interface of the ProLiant DL320 Security Server.

The LAN computers are configured with a DNS server address that can resolve Internet host names. If there is not a DNS server on your LAN capable of resolving Internet host names, configure the LAN computers to use the IP address of your ISP DNS server. For more details, see the DNS server (on page 29) section.

A firewall rule exists, allowing access to the required Internet protocols.

Setting up the server 16

Page 15 Page 17
Page 16
Image 16
HP Microsoft Internet Security and Acceleration (ISA) Software manual Enabling the firewall client listener
Page 15 Page 17