Socket pooling allows a service to listen on all interfaces and IP addresses.

You should always disable socket pooling on the ISA server if you plan to run IIS services on the ISA server.

After disabling socket pooling, you must manually configure IIS services to listen only on the internal interface.

If you do not plan to use server publishing rules to publish IIS services on the ISA server, you do not need to disable socket pooling. Socket pooling works well when publishing services using packet filters.

You must use an admin script to disable socket pooling for the FTP and W3SVC services. You must use the MDUTIL utility to disable socket pooling for the SMTP, NNTP, POP3, and IMAP3 services.

You do not need to disable socket pooling on internal network servers that you're publishing using server or Web publishing rules. Socket pooling is only an issue for multihomed security devices that have at least one connection to a trusted network and at least one connection to an untrusted network.

Server publishing rules perform a reverse NAT function.

Server publishing rules can expose communications to application filters so that application-layer data can be examined.

The main advantage of using server publishing rules over packet filters is that you can use application filters to protect the published server.

You must disable socket pooling for IIS services that you want to publish on the ISA server.

Server publishing rules do not require...