This chapter covered the security aspects of ISA Server 2000. We started off by discussing site and content rules concepts. We covered protocol rules, bandwidth rules, and publishing policy rules. The discussion on rules was followed by a comparison of existing security solutions. We compared various security solutions in practice today, such as Proxy servers, NAT servers, bastion hosts, firewalls, and DMZs.
The VPN section included an explanation of VPN tunneling concepts, as well as the procedures for setting up local and remote ISA VPN servers. You also learned how to configure your Routing and Remote Access server as a VPN server, so that the server can accept client VPN requests.
In the DMZ section we covered the two most common types of DMZ implementations, the three-homed firewall and back-to-back firewall configurations.
In the next chapter, we will cover the important concepts of packet filtering. First we will introduce the creation and application of packet filtering. Then we will focus on application filters. Application filters have the capability to redirect, block, or even change the data when it reaches the ISA Server. Finally, you will learn the ins and outs of the built-in application filters that are provided with the ISA Server.