For an enterprise network, stable speed is an important indicator for evaluating whether the enterprise network is healthy. When the enterprise network is abnormal, our network administrator directly faces criticism and distress from all parties: "XXX, my website is slow to open. Come and help me see what's wrong", "XXX, how do you manage the network if the website cannot be opened?", "XXX, you can help me see how emails cannot be received. "one or two people will let you see that you have to deal with it, if the company has dozens or hundreds of people looking for you at the same time, I think even if you have three heads and six arms, you may not be able to handle it. Even if you can handle it, it will happen more often, everyone will inevitably transfer their network dissatisfaction to you. How to effectively ensure the healthy operation of the enterprise network becomes a top priority for every network manager.
1. prevent problems beforehand
ISA provides excellent application-layer Filtering functions. Here, we can use HTTP policies to control connections of all ISA Server customers. ISA can be combined with user sets established in the domain environment, users can flexibly control their access content to block illegal pornographic sites, online videos, P2P downloads, and other websites.
In ISA, you can also set the value of "enable bindwith control" to enable the traffic control function. When your actual traffic exceeds the value set by enable bindwith control, the network bandwidth of the main salesman will be prioritized based on the preset user traffic level to ensure the normal operation of the company's business.
At the same time, ISA can also use third-party plug-ins such as Bandwidth Splitter for ISA Server) to expand the performance and customize the allocation or limitation.) A single user and host in the internal network, or a user group or a host group in an Active Directory) for INTERNET connection and bandwidth, or anti-virus scanning for content downloaded by users in the enterprise network, this ensures the security of the web pages viewed and downloaded files.
In order to reasonably utilize bandwidth and improve work efficiency, we can also control the time period for the specified user group to access the Internet on ISA. In ISA, set a protocol rule to be executed for a certain period of time on a day of every week for the specified user group, and execute other protocol rules for other periods of time, so that the management and control of the enterprise network is more humane.
2. Detect external attacks and intrusions to reject unsafe factors
An important function of ISA Server is Intrusion Detection. In the IP packet filtering attribute dialog box of ISA Management, enable intrusion detection. You can configure ISA Server to detect six common network attacks. These attacks include port scan attacks, IP semi-scan attacks, logon attacks, Ping of Death attacks, UDP bombing attacks, and Windows out-of-band (WinNuke) attacks.
When someone tries to attack your network, intrusion detection can identify it. After detecting the attack, the ISA Server will take a series of pre-configured measures (or alarms ). By default, once Intrusion Detection is enabled, ISA Server sends a message to the Windows event log as soon as it detects an attack. You can also configure ISA Server to respond to detected attacks by sending emails to administrators, starting a specific program, and starting or stopping selected ISA Server services.
3. Real-time Monitoring and log analysis capabilities to enhance network management
ISA uses the user interface based on the Microsoft Management Console MMC, graphical task pad, and Wizard to manage the ISA Server, thus simplifying management. With the real-time log monitoring feature of ISA, You can monitor all active firewall sessions and track performance monitoring data in real time. The session filtering tool can help us narrow the monitoring scope, in this way, you can quickly find out the problem.
Of course, here you can also use a third-party plug-in to help you manage your business based on your usage habits and expertise. With more intuitive and detailed log analysis results, enterprise managers can easily know when their employees are surfing the Internet and what they are doing online. Managers can also learn the network behavior trend of employees within the company based on the report, and stop some network abuse behaviors from the company's management.
- View the features of ISA 2006 from the perspective of enterprise network security requirements
- Security: ISA Server for enterprise VPN configuration
- Microsoft ISA Server Intranet Security Solution