Dr. Tom Shinder's ISA Server and Beyond: Real World Security Solutions for Microsoft Enterprise Networks
Demystifies the least understood and most under documented ISA Server configurations.
TABLE OF CONTENTS Dr. Tom Shinder's ISA Server and Beyond: Real World Security Solutions for Microsoft Enterprise Networks
Web Publishing
Web publishing rules allow you to take advantage of the Web Proxy service's ability to look at application-layer information in HTTP requests to make decisions on how to handle packets. At the beginning of this chapter, we discussed many features provided by Web publishing rules that aren't available with server publishing rules. Web publishing rules are the preferred method of publishing HTTP and FTP content on the internal network because they provide a higher level of security.
Several things need to be configured before you create a web publishing rule. These include:
-
The Incoming Web Requests listener
-
Destination sets
-
Public DNS entries
-
Private DNS entries
Incoming Web Request Listeners
You must configure an Incoming Web Requests listener before a Web publishing rule can work. While you can create a Web publishing rule without configuring an Incoming Web Requests listener, the rule won't accept requests. You can configure listeners separately, or you can apply the same configuration to all listeners.
Each Incoming Web Request listener listens on a specific IP address on the external interface of the ISA server. By default, there are no incoming Web Requests listeners. As you learned earlier in the chapter, you have the choice to configure all IP addresses on the external interface of the ISA server to use the same settings, or you can configure listeners separately.
There are some situations where you must configure listeners separately:
-
Only one certificate can be bound to a particular listener. If you need to support multiple...
Copyright Syngress Publishing, Inc. 2002 under license agreement with Books24x7
