A detailed look into best practice design, deployment, and maintenance of an ISA Server 2004 Environment.  Written by industry expert Michael Noel, of Convergent Computing, ISA Server 2004 Unleashed provides guidance for ISA deployment scenarios, including step by step guides for configuring ISA to secure Exchange Outlook Web Access, deploying ISA Server 2004 Enterprise edition arrays, setting up Site to Site VPNs, deploying ISA as a reverse proxy in the DMZ of a firewall, and much more.  This book covers ISA in great detail, with emphasis on real-world situations and labor-saving scripts that help administrators take control of an ISA environment and leverage its full potential to provide unprecedented levels of security to an environment.

Table of Contents:
Introduction. The Target Audience of This Book. The Organization of This Book. Conventions Used in This Book. I. DESIGNING, EXPLORING, AND UNDERSTANDING ISA SERVER 2004. 1. Introducing ISA Server 2004.     Understanding the Need for ISA Server 2004       Outlining the High Cost of Security Breaches       Outlining the Critical Role of Firewall Technology in a Modern Connected Infrastructure       Understanding the Growing Need for Application-Layer Filtering     Detailing the Additional Advantages of ISA Server 2004       Allowing for More Intelligent Remote Access with Virtual Private Networks (VPNs)       Using Web Caching to Improve and Control Web Browsing       Reducing Setup and Configuration Time with an ISA Server 2004 Hardware Solution       Reducing Administrative Overhead and Potential for Errors with Simplified Management Tools       Preserving Investment in Existing Security Solutions     Understanding the History of ISA Server 2004       Outlining Initial Microsoft Security Solutions       Exploring a New Product-Proxy Server       Unleashing a New Model: the Internet Security and Acceleration Server 2000       Unveiling the Next Generation: ISA Server 2004     Exploring the New Features of ISA Server 2004       Choosing the ISA Server 2004 Operating System       Choosing Between ISA Server 2004 Enterprise or Standard Editions     Detailing Deployment Strategies with ISA Server 2004       Deploying ISA Server 2004 as an Advanced Application-Layer Inspection Firewall       Securing Applications with ISA Server 2004's Reverse Proxy Capabilities       Accelerating Internet Access with ISA Server 2004's Web Caching Component       Controlling and Managing Client Access to Company Resources with Virtual Private Networks (VPNs)       Using the Firewall Client to Control Individual User Access     Augmenting an Existing Security Environment with ISA Server 2004       Utilizing ISA Server 2004 in Conjunction with Other Firewalls       Deploying ISA Server 2004 in a RADIUS Authentication Environment     Administering and Maintaining an ISA Server 2004 Environment       Taking Advantage of Improvements in ISA Management Tools       Backing Up and Restoring ISA Server Environments       Maintaining an ISA Server Environment       Monitoring and Logging Access     Using ISA Server 2004 to Secure Applications       Securing Exchange Outlook Web Access (OWA) with ISA Server 2004       Locking Down Web Application Access       Securing Remote Procedure Call (RPC) Traffic     Summary     Best Practices 2. Installing ISA Server 2004.     Reviewing ISA Server 2004 Prerequisites       Reviewing Hardware Prerequisites       Understanding ISA Operating System Requirements       Examining Windows and ISA Service Packs       Outlining ISA Network Prerequisites     Procuring and Assembling ISA Hardware       Determining when to Deploy Dedicated ISA Hardware Appliances       Optimizing ISA Server Hardware     Building Windows Server 2003 as ISA's Operating System       Installing Windows Server 2003 Standard Edition       Configuring Network Properties       Installing the Optional Message Screener Components       Applying Windows Server 2003 Service Pack 1       Updating and Patching the Operating System     Determining Domain Membership Versus Workgroup Isolation       Understanding Deployment Scenarios with ISA Domain Members and ISA Workgroup Members       Working Around the Functional Limitations of Workgroup Membership       Changing Domain Membership     Installing the ISA Server 2004 Software       Reviewing ISA Software Component Prerequisites       Installing ISA Server 2004 Standard Edition     Performing Post-Installation ISA Updates       Installing ISA Server 2004 Service Pack 1       Checking the ISA Site for ISA Updates       Installing Third-Party ISA Tools     Securing the Operating System with the Security Configuration Wizard       Installing the Security Configuration Wizard       Creating a Custom ISA Security Template with the Security Configuration Wizard     Summary     Best Practices 3. Exploring ISA Server 2004 Tools and Concepts.     Exploring the ISA Server 2004 Management Console       Defining ISA Server Console Terminology and Architecture       Exploring ISA Console Panes       Examining ISA Console Nodes     Configuring Networks with ISA Console Network Wizards and Tools       Exploring the Networks Node       Understanding the Definition of ISA Networks       Outlining Network Sets       Defining Network Templates       Exploring Network Rules       Running the Network Template Wizard       Understanding Web Chaining     Exploring Firewall Policy Settings       Examining the Firewall Policy Node       Understanding Firewall Access Rules       Examining Publishing Rules and the Concept of Reverse Proxy       Understanding System Policy Rules and the System Policy Editor       Defining the Contents of the Firewall Policy Toolbox     Navigating the Monitoring Node Options       Configuring the Dashboard       Viewing Alerts       Monitoring Sessions and Services       Generating Reports       Verifying Connectivity       Logging ISA Access     Working with the Virtual Private Networks Node       Enabling and Configuring VPN Client Access       Configuring Remote Access Configuration       Creating Remote Site Networks for Site-to-Site VPN       Understanding VPN Quarantine     Examining the Cache Node Settings       Enabling Caching       Understanding Cache Rules       Examining Content Download Jobs     Configuring Add-ins       Exploring Application Filters       Examining Web Filters     Exploring the ISA General Node       Delegating ISA Administration       Configuring Firewall Chaining       Defining Firewall Client Parameters       Exploring Link Translation       Configuring Dial-Up Preferences       Examining Certificate Revocation Options       Viewing ISA Server Details       Defining Connection Limits       Setting Intrusion Detection Thresholds       Defining RADIUS Servers       Defining IP Preferences     Summary     Best Practices 4. Designing an ISA Server 2004 Environment.     Preparing for an ISA Server 2004 Design       Identifying Security Goals and Objectives       Documenting and Discovering Existing Environment Settings       Matching Goals and Objectives to ISA Features       Managing a Deployment Project       Documenting the Design     Upgrading Existing ISA Server 2000 Systems to ISA Server 2004       Exploring Differences Between ISA 2000 and ISA Server 2004       Exporting ISA 2000 Settings to ISA Server 2004       Cleaning Up ISA 2000 Rules and Migration Components     Determining the Number and Placement of ISA Servers       Sizing an ISA Server Deployment       Choosing Between ISA Server Standard Edition and ISA Server Enterprise Edition       Deploying ISA to Branch Offices     Prototyping a Test ISA Server Deployment       Setting Up a Prototype Lab for ISA Server 2004       Emulating and Testing ISA Settings       Exporting Prototype Lab Configs     Piloting an ISA Server Deployment       Organizing a Pilot Group       Understanding ISA Pilot Scenarios       Running Penetration Tests and Attacks Against the Pilot Infrastructure     Implementing the ISA Server Design       Validating Functionality       Supporting the ISA Environment Long-Term     Designing ISA Server 2004 for Organizations of Varying Sizes       Examining an ISA Server 2004 Deployment for a Small Organization       Examining an ISA Server 2004 Deployment for a Midsized Organization       Examining an ISA Server 2004 Deployment for a Large Organization     Summary     Best Practices II. DEPLOYING ISA SERVER 2004. 5. Deploying ISA Server 2004 as a Firewall.     ISA as a Full-Function Security Firewall       Defining the Concept of a Firewall       Filtering Traffic at the Application Layer       Understanding Common Myths and Misperceptions About ISA     Multi-networking with ISA Server 2004       Setting Up a Perimeter Network with ISA       Deploying Additional Networks     Defining ISA Firewall Networks       Understanding ISA's Concept of a Network       Understanding Network Rules with ISA Server 2004       Working with the Default Network Templates       Deploying an ISA Firewall using the Edge Firewall Template     Reviewing and Modifying Network Rules       Modifying Network Rules       Creating New Network Rules     Understanding Firewall Policy Rules       Modifying Firewall Policy Rules       Creating Firewall Policy Rules     Examining Advanced ISA Firewall Concepts       Publishing Servers and Services       Reviewing and Modifying the ISA System Policy     Summary     Best Practices 6. Deploying ISA Server Arrays with ISA Server 2004 Enterprise Edition.     Understanding ISA Server 2004 Enterprise Edition       Exploring the Differences between the Standard and Enterprise Versions of ISA Server 2004       Designing an ISA Server 2004 Enterprise Edition Environment     Deploying the Configuration Storage Server (CSS)       Determining CSS Placement       Installing CSS       Setting Up Additional CSS Replicas     Setting Up Enterprise Networks and Policies       Delegating Administration of ISA       Defining Enterprise Networks       Establishing Enterprise Network Rules       Creating Enterprise Policies       Creating Enterprise Access Rules for the Enterprise Policy       Changing the Order of Enterprise Policy Rules     Creating and Configuring Arrays       Creating Arrays       Configuring Array Settings       Creating the NLB Array Network       Defining Array Policies     Installing and Configuring ISA Enterprise Servers       Satisfying ISA Server Installation Prerequisites       Installing the ISA Server Software       Configuring the Inter-Array Communication IP Address     Configuring Network Load Balancing and Cache Array Routing Protocol (CARP) Support       Understanding Bi-Directional Affinity with Network Load Balancing (NLB)       Enabling NLB for ISA Networks       Defining Cache Drives for CARP       Enabling CARP Support     Summary     Best Practices 7. Deploying ISA Server as a Reverse Proxy in an Existing Firewall DMZ.     ISA Server 2004 as a Security Appliance       Understanding How Reverse Proxies Work       Deploying a Unihomed ISA Server as a Security Appliance       Understanding the Capabilities of ISA Server 2004 Reverse Proxy       Defining Web Server Publishing Rules for Reverse Proxy       Using a Unihomed ISA Server for SMTP Filtering     Deploying Unihomed ISA Server 2004 Security Appliances       Applying the Single Network Adapter Network Template to a Unihomed ISA Server       Deploying a Preconfigured ISA Hardware Appliance     Configuring Existing Firewalls to Utilize ISA Server 2004 Reverse Proxy       Understanding Packet-Filter Firewall Configuration for ISA Server Publishing       Isolating and Securing an ISA Security Appliance     Publishing and Securing Services in an Existing DMZ       Configuring a Unihomed ISA Server to Reverse Proxy Exchange Outlook Web Access       Configuring a Unihomed ISA Server to Reverse Proxy Web Services       Configuring a Unihomed ISA Server to Act as an SMTP Smarthost     Understanding Advanced ISA Security in Enterprise Environments       Deploying ISA Security Appliances for Redundancy and Load Balancing       Monitoring and Intrusion Detection on ISA Servers in the DMZ     Summary     Best Practices 8. Deploying ISA Server 2004 as a Content Caching Server.     Understanding the Acceleration Component of the Internet Acceleration Server 2004       Improving Web Access by Caching Content       Protecting and Monitoring Client Web Access       Pre-downloading Commonly Used Content     Designing ISA Server 2004 Caching Solutions       Understanding the Types of Proxy Servers       Sizing Hardware Components for an ISA Caching Server       Deploying Caching Redundancy with the Cache Array Routing Protocol (CARP)     Enabling ISA Server 2004 as a Web Caching Server       Configuring ISA Server to Provide Web Caching Capabilities       Changing Default Cache Settings       Configuring Cache Rules       Configuring Proxy Web Chaining       Setting Up a Content Download Job     Configuring Proxy Clients       Enabling an ISA Transparent Proxy       Manually Configuring Client Proxy Settings       Creating an Active Directory Group Policy Object (GPO) to Streamline the       Deployment of Client Cache Settings       Configuring Proxy Client Autodiscovery with DHCP       Configuring Proxy Client Autodiscovery with DNS     Summary     Best Practices 9. Enabling Client Remote Access with ISA Server 2004 Virtual Private Networks (VPNs).     Examining ISA Server 2004 VPN Capabilities and Requirements       Understanding ISA Server 2004 VPN Protocols       Comparing PPTP and L2TP Compression Methods       Understanding PPTP and L2TP Encryption and Data Security Methods       Comparing PPTP and L2TP Authentication Methods       Analyzing VPN Protocol Implementation Issues       Understanding Network Bandwidth Constraints with VPNs       Preparing Internal Resources for Remote Access     Designing an ISA Server 2004 VPN Infrastructure       Deploying an ISA VPN Server as a Domain Member       Deploying an ISA VPN Server as a Standalone Server (Workgroup Member)     Enabling VPN Functionality in ISA Server       Creating Network Relationships for the VPN Users Network       Enabling Client VPN Access from the Console       Assigning IP Addresses to Remote Users       Assigning Routes to Remote Users       Authenticating VPN Users       Working with and Creating Rules for the VPN Clients Network     Utilizing RADIUS Authentication for VPN Connections       Installing the Internet Authentication Service (IAS) for Active Directory RADIUS Support       Detailing IAS Permissions Required in Active Directory       Setting Up the ISA Server as an IAS Client       Establishing IAS Remote Access Policies       Examining RADIUS Message Authentication       Configuring ISA to Use IAS for Authentication     Configuring ISA for Point-to-Point Tunneling Protocol (PPTP) VPN Connections       Configuring an ISA VPN Connection to Use PPTP       Configuring a Windows XP Professional Client for PPTP Communication       Testing the PPTP Connection     Creating Layer 2 Tunneling Protocol (L2TP) VPN Connections with ISA       Configuring an IPSec Pre-Shared Key       Configuring a Windows XP Professional Client for an L2TP VPN Connection     Creating a Public Key Infrastructure (PKI) for L2TP with IPSec Support       Installing the Enterprise Root Certificate Authority (CA)       Configuring the Enterprise Root CA       Requesting a Certificate for the ISA VPN Server       Requesting a Certificate for the VPN Client       Downloading the CA Certificate       Exporting and Importing Certificates       Using Active Directory Autoenrollment     Using the Connection Manager Administration Kit (CMAK) to Automate VPN Client Deployment       Installing the Connection Manager Administration Kit (CMAK)       Creating CMAK Profiles for Client Deployment Automation       Deploying the Custom CMAK Profile on a Windows XP Client     Enabling ISA Server 2004 VPN Quarantine       Installing the Remote Access Quarantine Service (RQS)       Configuring the RQS Protocol Definition in ISA       Configuring RQS Rules for ISA       Enabling VPN Quarantine in ISA       Customizing a CMAK Package for VPN Quarantine     Summary     Best Practices 10. Extending ISA 2004 to Branch Offices with Site-to-Site VPNs.     Understanding Branch-Office Deployment Scenarios with ISA Server 2004       Extending the Network Without WAN Links or Unnecessary Complexity       Controlling and Filtering Traffic Across WAN Segments       Understanding Site-to-Site VPN Capabilities and Options       Understanding RADIUS Authentication Options for Site-to-Site VPN Connections       Outlining a Site-to-Site VPN Scenario     Preparing ISA Servers for Site-to-Site VPN Capabilities       Enabling VPN Client Access       Creating VPN User Accounts on Both Servers       Defining Address Assignments       Selecting the Correct VPN Interface       Choosing Between Authentication Mechanisms     Configuring a Point-to-Point Tunneling Protocol (PPTP) Site-to-Site VPN Between Two Remote Offices       Configuring the PPTP Remote Site Network Definition on the ISA Servers       Creating Network and Firewall Rules     Configuring a Layer 2 Tunneling Protocol (L2TP) Site-to-Site VPN Connection Between Two ISA Servers in Remote Sites       Deciding Between Shared Key and PKI       Configuring a PKI Infrastructure for PKI-Based Certificate Encryption       Requesting a Certificate for the ISA VPN Server       Configuring the L2TP Remote Site Network Definition on the ISA Servers     Configuring ISA 2004 to Integrate with Third-Party VPN Tunnel Products       Setting Up an IPSec Tunnel Mode VPN Connection       Configuring the Third-Party VPN Site       Configuring the Third-Party VPN Server     Configuring Network and Firewall Rules Between ISA Site Networks       Creating Network Rules Between ISA Site Networks       Creating Firewall Rules Between ISA Site Networks     Summary     Best Practices 11. Understanding Client Deployment Scenarios with ISA Server 2004.     Outlining Client Access with ISA Server 2004       Defining the ISA Firewall Client       Defining the SecureNAT Client       Defining the Web Proxy Client       Outlining the VPN Client     Preparing an ISA Environment for the Firewall Client       Installing the ISA Firewall Client Share       Using DHCP to Configure ISA Server for Auto Detection       Configuring Proxy Client Autodiscovery with DNS       Enabling Auto Discovery from ISA Server     Installing the ISA Firewall Client       Manually Installing the ISA Firewall Client       Using Unattended Setup Scripts to Deploy the ISA Firewall Client       Deploying the Firewall Client via Active Directory Group Policies     Working with the ISA Firewall Client       Getting Familiar with the Firewall Client Functionality       Modifying Rules for Firewall Clients       Using the Firewall Client Tool Pack (FWCToolPack)     Summary     Best Practices III. Securing Servers and Services with ISA Server 2004. 12. Securing Outlook Web Access (OWA) Traffic.     Enabling Secure Sockets Layer (SSL) Support for Exchange Outlook Web Access       Understanding the Need for Third-Party Cas       Installing a Third-Party CA on an OWA Server       Using an Internal Certificate Authority for OWA Certificates       Forcing SSL Encryption for OWA Traffic       Customizing and Securing an OWA Website from Internal Access     Securing Exchange Outlook Web Access with ISA Server 2004       Exporting and Importing the OWA Certificate to the ISA Server       Creating an Outlook Web Access Publishing Rule       Redirecting HTTP OWA Traffic to HTTPS traffic       Customizing Forms-Based Authentication       Enabling the Change Password Feature in OWA Through an ISA Publishing Rule     Summary     Best Practices 13. Securing Messaging Traffic.     Understanding the Need for Secure Mail Access       Weighing the Need to Communicate Versus the Need to Secure       Outlining ISA Server 2004's Messaging Security Mechanisms     Configuring ISA Server 2004 to Support OMA and ActiveSync Access to Exchange       Enabling and Supporting OMA and ActiveSync on the OWA Server       Supporting Mobile Services in ISA when Using Forms-Based Authentication for OWA       Deploying Multiple OWA Virtual Servers       Assigning a New IP Address on the ISA Server for the Additional Web Listener       Setting Up an Outlook Mobile Access (OMA) and ActiveSync Publishing Rule     Configuring ISA Server to Secure RPC over HTTP(S) Traffic       Installing the RPC over HTTP Proxy       Configuring RPC over HTTPS on an Exchange Back-End Server       Configuring RPC over HTTPS on an Exchange Front-End Server       Modifying the Registry to Support a Single-Server Exchange RPC over HTTP Topology       Creating the RPC Virtual Directory on the Proper Virtual Server       Securing RPC over HTTPS Servers with an ISA Publishing Rule       Setting Up an Outlook 2003 Profile to Use RPC over HTTP     Securing Exchange MAPI Access       Configuring MAPI RPC Filtering Rules       Deploying MAPI Filtering Across Network Segments     Securing POP and IMAP Exchange Traffic       Creating and Configuring a POP Mail Publishing Rule       Creating and Configuring an IMAP Mail Publishing Rule     Managing and Controlling Simple Mail Transport Protocol (SMTP) Traffic       Installing and Configuring the SMTP Service on the ISA Server       Installing the ISA SMTP Screener Component       Enabling Outbound and Inbound SMTP Filtering with the SMTP Message Screener       Configuring Exchange to Forward Outbound Messages to ISA       Customizing the SMTP Filter     Summary     Best Practices 14. Securing Web (HTTP) Traffic.     Outlining the Inherent Threat in Web Traffic       Understanding Web (HTTP) Exploits       Securing Encrypted (Secure Sockets Layer) Web Traffic     Publishing and Customizing Web Server Publishing Rules       Using the Web Server Publishing Wizard       Exploring the General Tab Options       Understanding the Action Tab       Exploring From Tab Options       Outlining To Tab Options       Exploring the Traffic Tab and Filtering HTTP Packets       Understanding Listener Tab Configuration Options       Viewing Public Name Options       Understanding Paths Tab Options       Exploring the Bridging Tab       Understanding the Users Tab       Outlining Schedule Tab Options       Exploring the Link Translation Tab     Configuring SSL-to-SSL Bridging for Secured Websites       Working with Third-Party Certificate Authorities       Installing a Local Certificate Authority and Using Certificates       Modifying a Rule to Allow for End-to-End SSL Bridging     Securing Access to SharePoint 2003 Sites with ISA 2004       Understanding SharePoint 2003       Publishing a SharePoint Site with ISA Server Publishing Rules       Using Link Translation to Hide Internal SharePoint Links     Summary     Best Practices 15. Securing RPC Traffic.     Understanding the Dangers of Remote Procedure Call (RPC) Traffic       Examining How Remote Procedure Call (RPC) Traffic Works       Outlining RPC Exploits       Understanding the Need for RPC Filtering Versus RPC Blocking     Securing RPC Traffic Between Network Segments       Outlining How ISA RPC Filtering Works       Deploying ISA for RPC Filtering     Publishing RPC Services with ISA Server 2004       Publishing an RPC Service       Creating Custom RPC Protocol Definitions     Using Network Monitor for Custom RPC       Installing Network Monitor       Using Network Monitor to Scan Traffic for RPC UUIDs     Creating Server Publishing Rules       Outlining Default Server Publishing Rules in ISA Server       Creating a Server Publishing Rule       Defining a Custom Publishing Rule     Summary     Best Practices IV. SUPPORTING AN ISA SERVER 2004 INFRASTRUCTURE. 16. Administering an ISA Server 2004 Environment.     Defining the Role of the ISA Administrator       Understanding Who Administers the ISA Environment       Exploring ISA Administrator Roles     Deploying a Role-Based Access Control Model for ISA Server 2004       Exploring the Concept of Active Directory Access Groups and Role Groups       Illustrating a Role-Based Access Approach     Delegating and Customizing Administrative Access to the ISA Console       Creating Active Directory Groups for Admin Access       Creating Local Server Users and Groups for Admin Access       Delegating Admin Access to ISA Server     Administering an ISA Server Remotely       Installing the ISA Server Management Console       Configuring an ISA Server for Remote Desktop Protocol Access     Working with ISA Server 2004 Lockdown Mode       Administering and Understanding Lockdown Mode       Triggering and Resetting ISA Lockdown Mode     Performing Advanced ISA Administration       Renaming an ISA Server in the Console       Administering Multiple ISA Servers     Summary     Best Practices 17. Maintaining ISA Server 2004.     Understanding the Importance of a Maintenance Plan for ISA       Keeping Ahead of Updates and Patches       Taking a Proactive Approach to Security Maintenance       Understanding ISA Server's Role in an IT Maintenance Plan     Updating ISA's Operating System       Manually Patching an ISA Server       Verifying Windows Update Access in the ISA System Policy       Working with Windows Update to Patch the Operating System       Managing ISA Server Updates and Critical Patches       Prototyping ISA Server Patches Before Updating Production Equipment     Performing Daily Maintenance       Monitoring the ISA Dashboard       Checking Overall Server Functionality       Verifying Backups       Monitoring the Event Viewer     Performing Weekly Maintenance       Checking for Updates       Checking Disk Space       Verifying Hardware       Archiving Event Logs     Performing Monthly Maintenance       Maintaining File System Integrity       Testing the UPS       Validating Backups       Updating Automated System Recovery Sets       Updating Documentation     Performing Quarterly Maintenance       Changing Administrator Passwords       Audit the Security Infrastructure       Gather Performance Metrics       Reassess Goals and Objectives     Summary     Best Practices 18. Backing Up, Restoring, and Recovering an ISA Server 2004 Environment.     Understanding ISA Server's Backup and Recovery Capabilities       Using Export and Import Functionality to Simplify Recovery       Backing Up Individual ISA Components     Exporting ISA Settings for Backups       Exporting Individual Sets of Rules       Exporting the Entire ISA System Config to an XML File       Exporting URL Sets     Importing ISA Settings for Restores       Importing Individual ISA Components       Importing Entire ISA Configs       Importing URL Sets     Automating ISA Server Export with Custom Scripts       Creating and Deploying an ISA Server Automatic Export Script       Scheduling the Automatic ISA Export Script       Restoring an ISA Server from the ISA Export Script     Using Traditional Backup and Restore Tools with ISA Server 2004       Backing Up and Restoring the ISA Server Operating System and Components     Summary     Best Practices 19. Monitoring and Troubleshooting an ISA Server 2004 Environment.     Outlining the Importance of ISA Monitoring and Logging       Logging for Governmental and Corporate Compliance       Taking a Proactive Approach to Intrusion Attempts     Configuring ISA Logging and Monitoring       Delegating ISA Monitoring Settings       Understanding the ISA Advanced Logging Service       Installing the ISA Advanced Logging Service       Configuring Firewall Logging       Configuring Web Proxy Logging       Configuring SMTP Screener Logging     Logging ISA Traffic       Examining ISA Logs       Customizing Logging Filters     Monitoring ISA from the ISA Console       Customizing the ISA Dashboard       Monitoring and Customizing Alerts       Monitoring Session and Services Activity       Creating Connectivity Verifiers     Generating Reports with ISA Server       Customizing Reports       Generating Reports       Scheduling Report Generation     Monitoring ISA Server 2004 Health and Performance with Microsoft Operations Manager (MOM)       Taking a Close Look at Microsoft Operations Manager (MOM)       Downloading and Extracting the ISA Server 2004 Management Pack for MOM 2005       Importing the Management Pack AKM File into MOM       Configuring MOM Settings       Configuring MOM Global Settings for Non-Domain Member ISA Servers       Configuring ISA to Allow MOM Communications       Installing the MOM Agent on the ISA Server       Monitoring ISA Functionality and Performance with MOM       Monitoring ISA with Windows Performance Monitor (Perfmon)     Summary     Best Practices 20. Documenting an ISA Server 2004 Environment.     Understanding the Benefits of ISA Server Documentation       Using Documentation for Knowledge Management       Using Documentation to Outline the Financial Benefits of ISA       Baselining ISA with Document Comparisons       Using Documentation for ISA Troubleshooting       Understanding the Recommended Types of Documentation     Documenting the ISA Server 2004 Design       Documenting the ISA Design Process       Formalizing ISA Server Configuration with As-Built Documentation       Documenting Specific ISA Configuration with Custom Scripting     Developing Migration Documentation       Creating Project Plans       Developing the Test Plan       Numbering Server Migration Procedures       Establishing Migration Checklists     Creating Administration and Maintenance Documentation for ISA       Preparing Step-by-Step Procedure Documents       Creating Documented Checklists       Outlining Procedural Documents     Preparing Disaster Recovery Documentation       Outlining Disaster Recovery Planning       Documenting for Backup and Recovery       Outlining Monitoring and Performance Documentation for ISA       Documenting Change Management Procedures     Understanding the Importance of Performance Documentation       Producing Routine Reporting       Implementing Management-Level Reporting       Detailing Technical Reporting     Writing Training Documentation       Outlining Technical Training       Documenting End-User Training       Detailing System Usage Policies     Summary     Best Practices Index.