Use ISA Server to solve the problem
After detailed information asset investigation and risk assessment, and comparison and evaluation of border security products on the market, finally, the ISA Server in the Microsoft Forefront Security product line was selected as a new Security solution for the internal network. To ensure the deployment effectiveness of this security solution, the company has also formulated corresponding internal network security usage guidance and Security Event Response policies, and trained relevant IT department personnel for several days.
|
Figure: Enterprise internal network deploymentISA ServerOf |
Benefits after using ISA Server
After an enterprise deploys the ISA Server for a period of time, the weekly internal network security event alarms received by the enterprise IT department are greatly reduced. The results of regular security audits on the enterprise data center are also displayed, the number of hacker attacks on servers in the data center is significantly lower than before the new security solution is deployed, and no successful intrusion event is found. In addition, the enterprise's internal network has the following benefits due to the newly deployed security solution:
1) The security and manageability of the VPN service are greatly provided: Because the ISA Server can perfectly support Active Directory user authentication and policy control, the IT department of the enterprise can easily pass the Active Directory, VPN users can be easily and quickly managed and monitored to free the enterprise IT department from the previous heavy remote user management and monitoring work, it also greatly simplifies the difficulty for enterprise network users to use the VPN service.
2) significantly improved security of data center servers: By using the built-in Server publishing function of ISA Server, data center servers originally exposed on the Internet can be hidden under the protection of ISA Server, and only provide a single valid service and port to the outside world, thus greatly reducing the attack surface of these servers. In addition, ISA Server can further enhance the security of enterprise data center servers through custom access control policies.
3) The number of malware events in the internal network is greatly reduced: the ISA Server can customize the data filtering function, so that the IT department of the enterprise can filter and intercept the data types that enter the internal network of the enterprise, for example, users on the internal network are prohibited from downloading executable files and compressing files, which effectively reduces the possibility that user systems in the internal network are infected with various malware.
4) low overall use cost: ISA Server adopts a flexible deployment mode, allowing administrators to deploy one or more ISA Server servers based on internal network traffic, this ensures the connection speed and response time of the enterprise's internal network. ISA Server inherits from Microsoft's consistent ease of use, which makes IT unnecessary for the enterprise IT department to spend too much cost and effort on managing and maintaining ISA Server.
Related Articles]
- Enterprise border application product VPN security requirements