ISA Server can act as a firewall between the Internet and your internal network (the IP range you defined when setting up ISA Server). Machines on your network can use the server (acting as a gateway) to access the Internet, while being protected from the outside world. It's an ideal configuration for most businesses.
The scope of using ISA Server could fill a book (and does), but we'll just focus on using the firewall to restrict web sites. This should get you somewhat familiar with ISA Server and how to configure rules using the firewall.
To access the ISA Server Management Tools snap-in, choose Programs, Microsoft ISA Server, ISA Management (see Figure 5).
Figure 5 The ISA Server Management Tools snap-in.
To configure the firewall, expand the Access Policy node in the navigation tree. ISA Server uses the term policy to refer to a rule or set of rules that apply to incoming and outgoing traffic. Outgoing trafficfrom your internal network machines to the Internetis controlled by the Outgoing Access Policy (OAP). The process for analyzing incoming packets is called Intrusion Detection.