Initial setup considerations

In this section

 

Firewall lockdown mode

8

Internal network overview

9

Computer name and administrator password

9

Workgroup and domain name considerations

10

Internal IP address

11

DNS server address on the internal interface

12

Custom network adapter configurations

13

External IP address

14

Firewall lockdown mode

The ProLiant DL320 Security Server is defending itself right out of the box by applying the firewall lockdown mode. The ProLiant DL320 Security Server can be set up while it is connected to the internal network and to the Internet because the firewall lockdown mode is active.

A critical function of a firewall is to react to an attack. When an attack occurs, it might seem that the first line of defense is to disconnect from the Internet, isolating the compromised network from malicious outsiders. However, HP does not recommend this approach. Although the attack must be handled, normal network connectivity must be resumed as quickly as possible, and the source of the attack must be identified.

The lockdown feature introduced with ISA Server 2004 combines the need for isolation with the need to stay connected. Whenever the Microsoft® firewall service is down, the ISA Server enters the lockdown mode, which occurs when:

The server is starting up and the firewall service has not yet started.

An event triggers the firewall service to shut down. When configuring alert definitions, configure the firewall service by determining which events will cause the firewall service to shut down.

The firewall service is manually shut down. If a malicious attack occurs while configuring the ISA Server computer, shut down the firewall service, and the network can handle the attack.

Affected functionality

When in lockdown mode, the following functionality applies:

The FWENG applies the firewall policy.

The following system policy rules are still applicable:

Allow ICMP from trusted servers to the local host

Allow remote management of the firewall using MMC (RPC through port 3847)

Allow remote management of the firewall using the RDP

Outgoing traffic from the local host network to all networks is allowed. If an outgoing connection is established, that connection can be used to respond to incoming traffic. For example, a DNS query can receive a DNS response on the same connection.

Initial setup considerations 8

Page 7 Page 9
Page 8
Image 8
HP Microsoft Internet Security and Acceleration (ISA) Software manual Initial setup considerations, Firewall lockdown mode
Page 7 Page 9

Microsoft Internet Security and Acceleration (ISA) Software specifications

HP Microsoft Internet Security and Acceleration (ISA) Software is a robust network security solution designed to safeguard business environments by offering a versatile platform for secure internet access. ISA Server integrates multiple functionalities that are essential for modern enterprise needs, helping organizations manage and protect their network infrastructure.

One of the main features of ISA Server is its firewall capabilities, which provide an essential barrier between internal networks and external threats. The software utilizes intelligent packet filtering to analyze incoming and outgoing traffic, ensuring that only legitimate communications are allowed while blocking potentially harmful activity. This helps to mitigate risks associated with external cyber threats and unauthorized access.

Another key feature is the built-in web caching technology. ISA Server improves network performance by caching frequently accessed websites and content. This reduces bandwidth usage and enhances response times for end-users, leading to increased productivity. By storing copies of web pages, ISA Server can serve them quickly to users, allowing enterprises to optimize their use of internet resources.

ISA Server also includes a powerful Virtual Private Network (VPN) feature, enabling secure remote access for employees. This technology supports secure connections over the internet, allowing users to access the corporate network and resources from anywhere in the world. The VPN capabilities ensure data encryption during transmission, protecting sensitive information from interception.

Moreover, ISA Server incorporates integrated threat management tools, which offer insights into potential security issues. These tools provide logging and reporting features that allow administrators to monitor traffic patterns and detect anomalies. This functionality is critical for identifying and responding to potential security breaches in real-time.

In addition to these features, ISA Server supports application-layer filtering, which enhances security further. This allows organizations to control access to specific applications and services while ensuring that malicious content cannot infiltrate the network.

Overall, HP Microsoft Internet Security and Acceleration Software is a comprehensive solution designed to address the complexities of network security in today’s digital landscape. Its combination of firewall protection, web caching, VPN capabilities, and application-layer filtering makes it an invaluable tool for organizations looking to secure their internet connectivity while optimizing performance and user experience. By leveraging advanced technologies and characteristics, ISA Server empowers businesses to operate safely and efficiently in an interconnected world.
Top Page Image Contents