??????--- ISA Server ?????????? - PowerPoint PPT Presentation

Loading...

PPT – ??????--- ISA Server ?????????? PowerPoint presentation | free to download - id: 6793fd-MjVmY



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

??????--- ISA Server ??????????

Description:

* SSL Publishing Publishing Servers on a Back -to ... The old logs are ... File 9/18/2000 9:28 PM Search Folders History Go Name ... – PowerPoint PPT presentation

Number of Views:119
Avg rating:3.0/5.0
Slides: 97
Provided by: zhaoyunhua
Learn more at: http://www.microsoft.com
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: ??????--- ISA Server ??????????


1
??????--- ISA Server??????????
MICROSOFT
2
????????????????
??? ISA SERVER ??? Tel88472430 13011035647
E-mailyuanzineng_at_bjwne.com
3
????????
???????
2001 Q1-Q3
?????? http//www.cert.org/stats
4
ISA SERVER
5
ISA Server Editions
  • ISA Server Standard Edition
  • ISA Server Enterprise Edition

6
Microsoft ISA Server 2000????????????
?? ??? ???
??????? ???? ???????
??????(policy support) ????? ?????
????? 4?CPU ???
Web?? Web?? Web??
???? ?????? ???????
?????????? ???? ??
????? ????? ?????
?Windows 2000 Active Directory?? ?? ??
?????? ? ?
??????? ? ?
7
?? ISA Server
  • ????????
  • ??????
  • ??????
  • ?? LAT?
  • Upgrading from Microsoft Proxy Server 2.0

8
Identifying Hardware and Software Requirements
CPU
Windows 2000 Server, Windows 2000 Advanced
Server, or Windows Datacenter

300 MHz or higher
256 MB

20 MB
NTFS
Arrays
9
Installation Modes
  • Cache Mode
  • Firewall Mode
  • Integrated Mode

10
Selecting
an Installation Mode
Microsoft ISA Server Status
Select the mode for this server
Firewall mode Select this option to install
enterprise firewallfunctionality.
Cache mode Select this option to install cache
and Web hostingfunctionality. Cache mode
installation is recommended only for
computersthat are not directly connected to the
Internet. If thiscomputer is directly connected
to the Internet, install ISAServer in integrated
mode.
Integrated mode Select this option to install
integrated enterprisefirewall, cache, and Web
hosting functionality.
Microsoft Internet Security and Acceleration
Server Setup
Setup has stopped your IIS publishing service
(W3SVC). After Setup iscomplete, uninstall IIS
or reconfigure all IIS sites not to use ports 80
and8080.
Continue
Exit Setup
Help
OK
Help
11
Specifying the Initial Cache Size
Microsoft Internet Security and Acceleration
Server Setup
Specify the NTFS drives on which caches should be
locatedand the maximum size of each cache.
OK
Cancel
Drive File System Maximum Size (MB)
Help
C NTFS 100
C NTFS 100
Drive C NTFS Available space
(MB) 28722 Cache size (MB) 100 Total cache
size (MB) 100MB
Initial cache size is 100 MB. Add 0.5 MB for each
Web Proxy client.
Set
12
Configuring the LAT
1
Microsoft Internet Security and Acceleration
Server Setup
Click Construct Table to construct a local
address table.
Enter the IP address ranges that span the
internal network address space.
Internal IP ranges
Edit
From To
From
Add-gt
To
Remove-gt
To construct a local address table, click
ConstructTable.
Construct Table
OK
Cancel
Help
Microsoft Internet Security and Acceleration
Server Setup
Enter the IP address ranges that span the
internal network address space.
Internal IP ranges
Edit
From To
From
192.168.1.200 192.168.255
Add-gt
192 168 1 200
To
Remove-gt
192 168 255 255
To construct a local address table, click
ConstructTable.
Construct Table
OK
Cancel
Help
13
Maintaining the LAT and LDT
192.168.100.200192.168.100.300
Msplat.txt
Internet
192.168.100.225
ISA Server
192.168.100.200192.168.100.300
Clients
Msplat.txt
14
Upgrading from Microsoft Proxy Server2.0
Upgrading from Microsoft Windows NT
Upgrade to Windows 2000
Proxy Server 2.0
ISA Server 2000
Upgrading Client Computers
Client Requests
Port 80
Port 8080
15
ISA Server ????
  • Bastion Host (???)
  • Perimeter Network with Three-Homed Firewall
    (???)
  • Perimeter Network with Back-to-Back Firewalls
    (???)

16
Bastion Host
Internet
Firewall
Internal Network
17
Perimeter Network with Three-Homed Firewall
Perimeter Network
Internet
Firewall
Internal Network
18
Perimeter Network with Back-to-Back Firewalls
Perimeter Network
Internet
ISA SRV
ISA SRV
19
Branch Office/Small Business Firewall
Internet
Branch Office orSmall Business
ISA Server
????
Perceived Connection
20
ISA ?????Secure, fast Internet connectivity
Security
Secure Internet Connectivity Through a
Multilayered Firewall
Acceleration
Fast Web Access with a High-Performance Cache
Management
Unified Management with Integrated Administration
Extensibility
Extensible and Open Platform
21
??1 ???Internet??
  • ??????????? (Multilayer)
  • ?????? (Intrusion Detection)
  • ??DMZ? (DMZ Zone)
  • ??????? (Server Publishing)
  • ???VPN?? (Integration VPN)
  • ??????? (Dynamic Filter)
  • ??NAT
  • ?????? (System Harden)
  • ??????

22
?????????
  • ???? ??????
  • IP?(????)
  • ????
  • ??????
  • ???
  • ???????
  • ???????
  • ???
  • ???????

??? Applicationlevel
??? Circuit level
IP? Packet level
23
IP???
IP Header
Payload
UDP/TCP HDR
Src
Dst
payload
port
  • ??IP????
  • ??IP???

24
????????
???
???
  • ??????????
  • ???????????

25
????????
Internet
Client
Company server
  • ????
  • ??????????
  • ?????????

26
Filters and Network Access
Access Policy Allow ?HTTP ?All
Destinations?
Rules Applied
Streaming Media SMTP DNS Intrusion
Streaming Media SMTP
?
Firewall
External Network
Internal Network
27
?????????
Request from internal client
Is there a protocol rule that allows the request?
Is there a site and content rule that allows
the request?
Does a routing rule specify routing to an
upstream server?
No
No
No
Yes
No
No
No
Is there a site and content rule that denies
the request?
Is there a protocol rule that denies the request?
Does an IP packet filterblock the request?
Yes
Yes
Yes
Yes
Yes
Deny request
Retrieve object
Route to upstream server
28
??????Intrusion Detection
  • IP PacketLevel Attacks ?????
  • All types of Port Scan
  • IP Half Scan Attack
  • Ping of death
  • UDP bomb attack
  • WinNuke
  • Land attacks

29
?????
  • DNS Hostname Overflow
  • DNS Length Overflow
  • DNS Zone Transfer from Privileged Ports (11024)
  • DNS Zone Transfer from High Ports (Above 1024)
  • POP Buffer Overflow

30
Configuring Intrusion Detection
IP Packet Filters Properties
General
Packet Filters
PPTP
Intrusion Detection
DNS intrusion detection filter Properties
General
Attacks
Enable detection of the selected attacks
Select Attacks
Filter incoming traffic for the following
Windows out-of-band (WinNuke) Land Ping of
death IP half scan UDP bomb Port scan
DNS host name overflow DNS length overflow DNS
zone transfer from privileged ports (1-1024) DNS
zone transfer from high ports (above 1024)
Select the options that are required to implement
your monitoring strategy.
Detect after attacks on 10 well-known
ports Detect after attacks on 20 ports
To receive alerts about intrusion attacks, see
the properties for specific alerts in the Alerts
folder. Intrusion detection functionality based
on technology from Internet Security Systems,
Inc., Atlanta, GA, USA, www.iss.net
OK
Cancel
Apply
OK
Cancel
Apply
31
?????????????
  1. ??????
  2. ????
  3. ?????????
  4. ???????
  5. ???????

32
ISA ?Proxy2.0???????
  • Proxy2.0
  • ??IIS ??
  • ???????????Proxy Client.
  • ???SSL????
  • ISA
  • ?????????, ?????IIS???
  • ????????????????(???Secure NET ???)
  • ???????? (Port Mapping)
  • ??SSL???? (SSL Bridging)

33
Publishing
Internal Network
External Adapter
Internal Adapter
131.107.3.1
Internet
192.168.9.1
Web Server
www.bjwne.com
34
Publishing Servers on a Back-to-Back Perimeter
Network
LATPerimeterNetwork
Web Server
Internet
ISA Server
ISA Server
Perimeter Network
SQL Server
LATInternal Network
Internal Network
35
Publishing a Server
Start
Name the Rule
Specify Address Mapping
Select a Protocol Setting
Select a Client Type
Finish
36
Publishing a Mail Server
Select to apply content filtering to incoming
SMTP traffic.
37
Guidelines for Using Publishing
If your network
Then use
Does not have a perimeter network
Server publishing
Has a back-to-back perimeter network configuration
Server publishing on both ISA Server computers
Has a three-homed perimeter network configuration
Routing and packet filtering between the Internet
and perimeter network server publishing between
the internal and perimeter networks
38
Network Load Balancing
ISA Server Array
Internet
Published Server
39
VPN
  • Understanding VPNs
  • Connecting Remote Users to a Corporate Network
  • Connecting Remote Networks to a Local Network

40
Connecting Remote Users to a Corporate Network
Corporate Network
ISA ServerComputer
VPN Tunnel
Remote User
41
Connecting Remote Networksto a Local Network
Local Network
ISA ServerComputer
VPN Tunnel
ISA ServerComputer
Remote Network
42
Configuring a VPN to Accept Client Connections
ISA VPN Server Wizard
ISA Virtual Private Network (VPN) Server
Summary ISA Virtual Private Network (VPN) Server
can accept VPN connections from remote clients
over the Internet.
The Server will be configured with the properties
listed below Configure Routing and Remote
Access Server as Virtual Private Network (VPN)
Enforce secured authentication and encryption
methods. Open static packet filters for allowing
PPTP and L2TP over IPSEC protocols. The number of
ports available for clients to connect is 128,
but this number can be
Lists the configuration properties set by the
wizard.
lt Back
Next gt
43
Configuring a Local VPN
Start
Identify the Connections
Select the Protocol(s)
Specify Communication
Specify Remote Addresses
Specify Local Addresses
Finish
Save Configuration File
44
Configuring a Remote VPN
Remote ISA VPN Wizard
ISA VPN Computer Configuration File Specify the
.vpc file to use when setting up and configuring
the ISA Virtual Private Network (VPN) computer.
The .vpc file includes information about the
remote ISA VPN computer.
Specify the .vpc file to use for setting up and
configuring the ISA VPN computer. The .vpc file
includes information about the remote ISA VPN
computer.
Specify the path and file name for the .vpc file.
File name
Browse
Type the password to decrypt the configuration
file.
Type the password for the file.
Password
lt Back
Cancel
Next gt
45
??2 ???Web??
  • ??????????
  • ???? (RAM caching)
  • ???????????
  • ???? (Array CARP)
  • ????????

46
?????
????
Internal Network
Internet
????
Internet
Web Server
?????
Internal Network
Internet
47
The Forward Caching Process
2
GET www.bjwne.com
Internet
3
Object is sent from Internet
5
Object is sent from cache
ISA Server
Cache
1
GET www.bjwne. com
4
GET www.bjwne. com
Client 1
Client 2
48
Reverse Caching (??? ??)
?? Web?????
ISA ?? Web ?????
49
Processing Requests for Cached Objects
RAM
Disk
http//URL A
http//URL A
Cache Entry 1
50
???????????
  • ??????????
  • ISA???????????
  • ISA???????????
  • ??????Internet?????????????????

51
Branch Office/SmallBusiness Office Cache Server
ISA Server
Branch Office
Main Office
Internet
ISA Server
Small Business
52
??????
ISA Server Array
Internet
Corporate Network
53
Configuring HTTP Caching
Select to enable HTTP caching.
54
Configuring FTP Caching
Cache Configuration Properties
General
HTTP
FTP
Active Caching
Advanced
Enable FTP caching
Specify a time for FTP objects to remain in the
cache.
Time to Live for all objects
1440 Minutes
Restore Defaults
OK
Cancel
Apply
55
Configuring Active Caching
Select to create an active caching policy.
56
Configuring Advanced Cache Settings
Select to configure cache settings for specific
objects.
57
??3????????
  • ?????????
  • ???????????
  • ?????Win2000??????
  • ??MMC?????
  • ?????, ????
  • ????????
  • ??????(QoS)
  • ??????
  • ???????

58
??????
  • Policy Element Overview
  • Creating Schedules
  • Creating Bandwidth Priorities
  • Creating Destination Sets
  • Creating Client Address Sets
  • Creating Protocol Definitions
  • Creating Content Groups

59
Creating Schedules
New schedule
Name Lunch Hours and Weekends Description Use
this schedule to permit access to sites lunch
hours and weekends.
Set the activation times for rules that are based
on this schedule.
12 2 4 6 8 10 12 2
4 6 8 10 12
Al Sunday Monday Tuesday Wednesday Thursday Friday
Saturday
Click Active to add portions of the week, or
click Inactive to remove portions of the week.
Sunday from 12 AM to 12 AM
Active
Inactive
OK
Cancel
60
Creating Bandwidth Rules
Start
Name the Rule
Select the Protocol(s)
Select a Schedule
Select a Client Type
Select a Destination Type
Select a Content Group
Finish
Select Bandwidth Priority
61
Creating Bandwidth Priorities
New Bandwidth Priority
Name Description(optional)
High Priority Assigns high priority to incoming
traffic.
New Bandwidth Priority
Name Description(optional)
Basic Priority Assigns high priority to incoming
traffic.
Outbound bandwidth (1-2000) Inbound bandwidth
(1-200) 30
Outbound bandwidth (1-2000) Inbound bandwidth
(1-200) 20
OK
Cancel
OK
Cancel
62
Creating Site and Content Rules
Start
Name the Rule
Specify the Rule Action
Select a Destination Set
Select a Schedule
Finish
Select a Client Type
63
Creating Destination Sets
New Destination Set
Name Partner Web Description (optional)
Include these computers
Add/Edit Destination
Name/IP Range Path
Computer name nwtraders.msft IP addresses
Browse
From To (optional)
Remove
Edit
Add
To include a specific directory in the
destination set, type the pathbelow. To include
all the files, use this format /dir/. To select
a specific file, use this format
/dir/filename. Path /sales/accounts.xls
Cancel
OK
Cancel
OK
64
Creating Client Address Sets
Client Set
Name Support Staff Description(optional)
Select the addresses of computers that belong to
this clientaddress set. Members
Add/Edit IP Addresses
Client set IP addresses
From To
From 192 . 168 . 101 . 0 To 192 . 168
. 101 . 255
  • Edit Remove

Add
Cancel
OK
Cancel
OK
65
Creating Protocol Rules
Start
Name the Rule
Specify the Rule Action
Select the Protocol(s)
Select a Schedule
Finish
Select a Client Type
66
Creating Protocol Definitions
Type a number between between 1 and 65535 to
specify the port number.
67
Creating Content Groups
ISA Management
Action View
Name Description Content Types
Tree
Application Applications application/hta.applicati
on/x-internet-signup.application/x-pkcs7-certific
Application Data Files Files containing data for
applications application/x-mscardfile.application/
x-perform.application/x-msclip.appl Audio Audio
files audio.,.ra,.ram,.rmi,.au,.snd,.aif,.aifc,.w
av,.m3u,.mid,.mp3 Compressed Files Compressed
Files application/x-gzip,application/x-tar,applica
tion/x-gtar,application/x-com Documents Documents
text/tab-separated-values,text/xml,text/h323,appli
cation/postscript,appl HTML Documents HTML
Documents text/webviewhtml,text/html,.htm,.html,.h
tt,.stm,.xsl Images All known types of
images .cod,.cmx,.ief,.pbm,.pnm,.ppm,.gif,.bmp,.jf
if,.jpe,.jpg,.jpeg,.ico,.pgm,.ras Macro
Documents Documents that may contain
macr application/msword,application/vnd.ms-excel,
application/x-msaccess,a Text Text
content .txt,.h,.c,.htc,.vcf,.etx,.uls,.css,.bas,.
rtx,text/plain,text/x-component,text/ Video Video
files video/,.asf,.asr,.asx,.avi,.ivf,.lsf,.lsx,.
mov,.movie,.mlv,.mp2,.mpa,.mpe,. VRML VRML x-world
/x-vrml,.flr,.wrl,.wrz,.xaf,.xof
Internet Security and Acceleration
Server Servers and Arrays LONDON Monitoring
Computer Access Policy Publishing Band
width Rules Policy Elements Schedules B
andwidth Priorities Destination
Sets Client Address Sets Protocol
Definitions
ISA Server includes several preconfigured content
groups.
68
????
  • Basic Authentication
  • Digest Authentication
  • Integrated Windows Authentication
  • Client Certificate Authentication

69
Authentication Overview
Internet
SecureNAT Client No user-based authentication.
ISA Server
Web Proxy Client Authentication is dependent
onbrowser and operating environment.
Firewall Client Authentication is based on client
credentials.
70
Configuring Authentication for Outgoing Web
Requests
LONDON Array Properties
Incoming Web Requests
Performance
Auto Discovery
Security
General
Outgoing Web Requests
Identification
Use the same listener configuration for all
internal IP addresses. Configure listeners
individually per IP address
Server IP Address Display N Authentic Server C
LONDON ltAll internal Integrated
Add
Remove
Edit
TCP port 8080 SSL port 8443
Enable SSL listeners
Connections
Connection settings
Configure
Ask unauthenticated users for identification
OK
Cancel
Apply
71
Configuring Authentication Methods
Add/Edit Listeners
72
Adjusting Cache Size
LONDON Properties
Cache Drives
LONDON
Drive Type Disk space Free space Cache Size
Specify the size of the cache.
Set
100
Maximum cache size (MB)
Total disk space (MB) 39064 Total maximum cache
size (MB) 100
OK
Cancel
Apply
The .cdat file on the drive will be the same size
as the cache.
73
Adjusting Memory Allocation
Cache Configuration Properties
General
HTTP
FTP
Active Caching
Advanced
Do not cache objects larger than 1 KB Cache
objects that have an unspecified last
modification time Cache objects even if they do
not have an HTTP status code of 200 Cache dynamic
content (objects with question marks in the URL)
Maximum size of URL cached in memory
(bytes) 12800
If Web site of expired object cannot be reached
Do not return the expired object (return an error
page) Return the expired object only if
expiration was At less that this percentage of
original Time 50to Live But no more than
(minutes) 60
Type a number between 1 and 100 to specify the
maximum percentage of memory.
Percentage of available memory to use for
caching 50
Restore Defaults
OK
Cancel
Apply
74
???????????
  • ?????
  • Enterprise
  • Array
  • Stand-alone
  • ????
  • ??
  • ??
  • ??

75
???????????????
76
Combining Enterprise Policies and Array Policies

Select this option to allow array-level settings.
77
Cach Array Routing Protocol
Array Membership List
Server 1 Server 2Server 3Server 4 Server 5
Internet
array.dll?Get.Info.v1
Web Proxy Client
78
Configuring CARP(Cache Array Routing Protocol )
LONDON Properties
LONDON Properties
General
Array Memberships
Identification
Use the same listener configuration for all
internal IP addresses. Configure listeners
individually per IP address
Intra-array communication
Use this IP address for intra-array communication
Server IP Address Display N Authentic Server C
LONDON ltAll inter Integrated
131 . 107 . 3 . 1
Find
Add
Remove
Edit
Load Factor
TCP port 8080 SSL port 8443
Specify the load factor for this server. This
number indicates the relative cache availability
of this server compared to the rest of the array
members
Enable SSL listeners
Connections
100
Connection settings
Configure
Ask unauthenticated users for identification Resol
ve requests within array before routing
Select to enable CARP.
OK
Cancel
Apply
OK
Cancel
Apply
79
ISA ??????
  • 3??????
  • Web Proxy Client
  • Secure NAT Client
  • Firewall Client

80
Internet
SecureNAT Client Do not require you to deploy
client software or configure client computers.
ISA Server
Web Proxy Client Improve the performance of Web
requests for internal clients.
Firewall Client Allow Internet access only for
authenticated users.
81
?? Web Proxy ???
Local Area Network (LAN) Settings
Automatic configuration
Automatic configuration may override manual
settings. To ensurethe use of manual settings,
disable automatic configuration.
Automatically detect settings Use automatic
configuration script
2
Type the IP address or name of the ISA Server
computer in the Address box.
1
Proxy Server
Select the Use a proxy server check box.
3
Use a proxy server
Type the port number in the Port box, and then
click OK.
Port
Address
8080
192.168.1.200
Bypass proxy server for local addresses
OK
Cancel
82
ISA Server Microsofts FirewallISA Server ??
83
??????
  • ???????????
  • ????????
  • ??????
  • ??????
  • ??????????
  • ?????????????????
  • ?????????????

84
ISA Server Alert Events
Intrusion detected Properties
General
Events
Actions
Name Intrusion detected
Description An external user attempted an
intrusion atta(optional)
Enable
OK
Cancel
Apply
85
Configuring Alerts
Intrusion detected Properties
Intrusion detected Properties
General
Events
Actions
General
Events
Actions
Event Intrusion detected Description An
intrusion was attempted by an external Additional
condition Any intrusion
Send e-mail
Browse
SMTP server europe.london.msft To administrator_at_
nwtraders.msft Cc From administrator_at_nwtraders.m
sft
Actions will be executed when the selected
conditions occur
Test
Number of occurrences before the alert is
issued 1 Number of events per second before the
alert is issued 0
Program
Run this program
Recurring actions are performed
Browse
Immediately After manual reset of alert If time
since last execution is more than minutes
Set Account
Use this account
Report to Windows 2000 event log Stop selected
services Start selected services
Select
Select
OK
Cancel
Apply
OK
Cancel
Apply
ISA Administrator
86
??????
Intrusion detected Properties
General
Events
Actions
Event Intrusion detected Description An
intrusion was attempted by an external Additional
condition Any intrusion
Actions will be executed when the selected
conditions occur
Number of occurrences before the alert is
issued 1 Number of events per second before the
alert is issued 0
Choose options to customize alert action for the
event.
Recurring actions are performed
Immediately After manual reset of alert If time
since last execution is more than minutes
Apply
OK
Cancel
87
????
  • Configuring Logging
  • Logging Packet Filter Activity

88
Configuring Logging
Click File to save logs to a file by using the
W3C format or ISA format.
Click Database to save logs to an ODBC database.
89
Logging Packet Filter Activity
DNS Block Properties
General
Filter Type
Local Computer
Remote Computer
Name DNS Block
IP Packet Filters Properties
Events
Intrusion Detection
General
PPTP
Mode Block packet transmission between specified
IP addresses, ports, and protocols
Use this page to configure packet filter
properties.
Description (optional)
Program
Enable filtering of IP fragments Enable filtering
IP options Log packets from Allow filters
Clear to prevent logging blocked packets.
Select to log allowed packets.
Log any packets matching this filter Enable this
filter
OK
Cancel
Apply
OK
Cancel
Apply
90
ISA????????
  • ???????
  • Summary
  • Web usage
  • App usage
  • Traffic
  • Security
  • ? HTML????
  • ???????

91
Managing the EnvironmentComprehensive Reporting
Capabilities
Web-based report on top users
92
??4?????????
  • ???????????
  • ??????Web filters
  • ????????COM????
  • ??Cache ??????API
  • ????UI (MMC)
  • ??SDK???

93
What is ISA server?
  • ISA Server ???????
  • ???????????????

94
Firewall Product Comparison
Microsoft ISA Server Check Point FW-1 Cisco PIX Symantec Raptor NAI Gauntlet
Packet Filtering Stateless, Stateful Stateless, Stateful Stateless, Stateful Stateless, Stateful Stateless, Stateful
Network Address Translation ? ? ? ? ?
Application Level Proxy ? Limited Limited ? ?
Centralized Policy Management ? ? Limited Limited ?
Integrated Web Cache ? ? ? ? ?
Embedded Intrusion Detection ? separate separate separate ?
Embedded VPN ? ? Limited ? ?
Bandwidth Management ? separate separate separate separate
Built-in Reporting ? separate Limited ? ?
95
ISA???
  • ???BSH (owned by Bosch and Siemens, 3rd largest
    WW appliance manufacturer)
  • 37000 employees
  • DMZ Firewall, Internal Firewall
  • NSCP -gt ISA Reliability, performance,
    Authentication
  • ????Shell
  • 75,000 Win2k desktops running ISA firewall client
  • 6 ISA servers be deployed on Win2k DC in 3 data
    centers around the world.
  • Evaluating ISA over Firewall-1
  • ?????Celestial Asia Securities Holdings (Cash)
  • Win over Firewall-1 for e-commerce scenario
    (publishing)
  • Win over PIX for DMZ scenario (secure internet
    access)
  • ???University of Texas( ????)
  • ISA in production as Firewall 10K users

96
ISA ?????
  • ????????
  • ??????????
  • ?????????
  • ???????????
  • ????????????
  • ?????????, ????
  • ????????
  • ?? ?????
About PowerShow.com