You are on page 1of 6

Standard Edition

Microsoft® Internet Security and Acceleration Server 2004 is the advanced

application-layer firewall, VPN, and Web cache solution that enables customers to
easily maximize existing IT investments by improving network security and

Microsoft Internet Security and Remote Authentication Dial-In

Acceleration (ISA) Server 2004 User Service (RADIUS) or RSA
provides advanced protection, ease SecurID.
of use, and fast and secure access • Attachment blocking and
for all types of networks. session timeout so that users’
email sessions cannot be left
What’s New in ISA Server 2004 open indefinitely for others to use.
ISA Server 2004 contains a full- The integrated firewall and Virtual
featured, application-layer-aware Private Network (VPN) architecture
firewall that protects organizations of ISA Server 2004 support stateful
of all sizes from attack by both filtering and inspection of all VPN
external and internal threats. traffic and provide VPN client inspec-
ISA Server 2004 performs deep tion for Windows Server 2003-based
inspection of Internet protocols such quarantine solutions, helping to
as HTTP enabling it to catch many protect networks from attacks that
threats that traditional firewalls enter through a VPN connection.
cannot detect.
In addition, a completely new user
A member of the Microsoft ISA Server 2004 provides unique interface, wizards, templates, and a
Windows Server System™, levels of protection for Microsoft host of management tools simplify
Microsoft Internet Security and Outlook Web Access, including: setup, deployment, and management,
Acceleration Server 2004 is a • Pre-Authentication which helping administrators avoid common
highly secure, easy to use , cost- prevents anonymous user logins, security configuration errors.
effective solution that helps IT a key attack vector.
professionals combat new and Advanced Protection
emerging threats. • HTTP Filtering that provides
deep inspection of application The application-layer security built content. into ISA Server 2004 is particularly
well suited for protecting networks
• A Web publishing rule that that are running Microsoft applica-
enforces secure forms-based tions, such as Internet Information
authentication. Server, Office SharePoint® Portal
• Secure Sockets Layer decryp- Server, Routing and Remote
tion, enabling SSL traffic to be Access Server, Active Directory®
inspected for malicious code. directory service, and others. Key
• Multifactor authentication, capabilities include:
providing authentication whether • Multi-layer inspection provides
the remote mail scenarios use comprehensive and flexible policies
to control application-specific securely and remotely manage • Enhance network performance
traffic with application, command, firewall and Web cache services. and reduce bandwidth costs by
and data-aware filters. By intelli- • More easily secure corporate using Web caching in corporate
gently filtering VPN, HTTP, FTP, applications, users, and data data centers and branch offices.
SMTP, POP3, DNS, H.323 confer- because ISA Server 2004
encing, streaming media, and integrates with Windows Active Ideal for Businesses of All Sizes
RPC traffic, ISA Server 2004 can Directory, third-party VPN Through its integrated firewall, VPN,
accept, reject, redirect, and modify solutions, and other infrastructure and caching solution, ISA Server
traffic based on its contents. components. 2004 offers small and medium-sized
• Advanced application layer • Easily obtain support and businesses a great way to leverage
filtering helps protect user information from the thriving their investment in Microsoft tech-
information by performing deep community of partners, users, and nology. Typically, these businesses
HTTP stateful inspection, with the Web resources that support have few IT resources. ISA Server
extent of the inspection configured ISA Server 2004. enables them to meet their network
on a per-rule basis. This approach security and business needs in a
enables administrators to config- Fast and Secure Access cost-effective manner.
ure custom constraints for both
ISA Server 2004 enables you to For large enterprises, ISA Server
inbound and outbound access.
connect users to relevant informa- 2004 helps protect and extend their
• Unified firewall and VPN policy tion on your network in a high-speed investment in Microsoft technology.
management, deep content and cost-effective manner. With ISA ISA Server 2004 is also well suited
inspection, and VPN quarantine Server 2004, you can: for branch offices, enabling compa-
integration make it easier to nies to save money by using a single
• Provide fast, secure, anywhere/
secure inbound traffic and protect configuration and management
anytime access to corporate
your network from inside attacks point for security and connectivity.
applications and data, such as
through VPN client access control.
e-mail, calendar, and contact
• Integrated multi-networking
A Flexible Solution
information stored on Microsoft
capabilities, network templates, Exchange Server. ISA Server 2004 is designed to
and stateful routing and meet customer demand for a single,
• Establish a safe, reliable, and
inspection capabilities enable integrated solution that is flexible
high performance infrastructure
you to deploy ISA Server 2004 enough to be used in a variety of
for both inbound and outbound
into existing IT environments as scenarios. Possible uses include:
Internet data access.
an edge, departmental, or branch • Enabling employees outside the
office firewall without changing • Offer users the convenience of
network to access their corporate
your network architecture. a single sign-on, with multiple
e-mail and data, as well as
Internet-standard authentication
controlled areas of the corporate
Easy to Use mechanisms to verify user identity.
An all-new user interface and sim- • Further enhance security with
• Enabling partners to access only
plified management tools provide an integrated, single-server solu-
selected information within the
unified VPN and firewall manage- tion that puts only the necessary
corporate network
ment through a robust visual policy services—such as firewall
editor. ISA Server 2004 also comes security, VPN, and Web cache— • Enabling branch offices to
with intuitive network templates, at the edge of the network. communicate with the main office
automated wizards, and enhanced or each other in a secure and
• Scale out your security infra-
troubleshooting tools. Together, these cost-effective manner
structure as your networking
ease-of-use features can lower the needs grow by taking advantage • Controlling and monitoring
cost of ownership and help you avoid of the flexible, multi-network employee Internet browsing
security configuration errors. With architecture of ISA Server 2004. • Boosting network performance
ISA Server 2004, you can:
through caching
• Shorten ramp-up time for new
• Protecting employee desktops
security administrators with
from malicious traffic on the
easy-to-use management tools
that will help prevent security
breaches due to firewall
• Minimize network access down-
time by enabling administrators to
Product Highlights
Feature Benefit
Guard sensitive corporate applications and data
Multilayered content inspection Includes an advanced application-aware firewall to help protect IT assets against hackers and viruses and
block undesirable traffic, while enabling complex application traffic to travel over the Internet.
Integration with diverse Provides users with faster, more secure access to applications and services, including Microsoft Exchange
applications Server and Microsoft Internet Information Services.
Integrated VPN functionality Helps secure inbound traffic and protect your network from inside attacks. Built-in IPSec tunnel mode
support enables you to easily connect site-to-site VPNs .
Comprehensive authentication Authenticate network users through built-in Windows or RADIUS namespaces, using a variety of
mechanisms credentialing mechanisms, including RSA SecurID.
Easily manage network security policies and firewall configuration
Multinetworking capabilities and Enable you to quickly deploy ISA Server 2004 into your existing IT environment as an edge, departmental,
templates or branch office firewall—without changing your network topology.
Unified firewall and VPN Provides easy-to-use management tools, including an enhanced visual policy editor, to shorten the learning
management interface curve and minimize security breaches that can occur due to misconfiguration.
Enhanced troubleshooting Includes a new monitoring dashboard with real-time log viewer, enabling you to quickly view summarized
firewall status information or drill down into the details.
Speed access and improve efficiency
Enhanced firewall architecture Increases network efficiency by enabling authorized traffic to pass through the firewall faster. Both the
application-layer filtering and the ability to centrally configure cached object storage and retrieval policies
improve network performance.
Faster, lower-cost Internet access Improves user productivity and saves on bandwidth costs by using the ISA Server Web cache to serve
content locally.

Microsoft Internet Security and Acceleration Server 2004

Standard Edition Feature Details
Feature Benefit
Multinetwork support
Multiple- You can configure one or more networks, each with distinct relationships to the others, and can define
New network access policies for each network. ISA Server 2004 will inspect traffic between any defined networks.
Unique You can protect your network against internal and external security threats by limiting communication
New per- between clients—ev en within your own organization.
Stateful ISA Server 2004 examines data crossing the firewall in the context of its protocol and the state of the
inspection connection, no matter what its source or destination.
of all traffic
Routed ISA Server 2004 defines relationships between networks, depending on the type of access and
and communication allowed between them.
New address
New Network ISA Server includes five network templates that correspond to common network topologies. Once you use
templates one of the templates to configure the firewall policy, ISA Server will automatically create the necessary
rules and network relationships.
Virtual Private Networking
Improved VPN ISA Server 2004 includes fully integrated VPN capabilities, based on Windows Server 2003 Routing and
Administrat Remote Access Server. ISA Server 2004 can assign IP addresses to VPN clients connecting to the
ion network and can apply policy on all remote traffic.

Security ISA Server 2004 enables you to configure VPN clients as a separate network and create distinct access
policies policies for each VPN client. The rules engine uses the access policy to check requests from VPN clients,
and statefully inspect these requests, and dynamically open connections between the VPN clients and the
stateful network.
for VPN

Interoperability with third- Support for the industry-standard IPSec protocol means that ISA Server 2004 can plug into
party VPN solutions environments with VPN infrastructures from other vendors, including infrastructures employing IPSec
tunnel mode configurations for site-to-site connections
Security Infrastructure
Improved Application filtering ISA Server 2004 enables you to choose from a variety of new application filtering capabilities and server
publishing scenarios. One new filtering capability, enhanced HTTP filtering, is specifically designed for
Exchange Server, Outlook Web Access, and Internet Information Server.
New Extensive protocol support You can use dozens of predefined protocols to integrate ISA Server 2004 with major Internet
applications. ISA Server 2004 enables you to control access to any protocol and usage of any protocol,
including IP-level protocols and IPSec traffic.
Improved Authentication You can authenticate users using built-in Windows, RADIUS, or RSA SecurID authentication types or
mechanisms namespaces, applying rules to users or user groups in any namespace.
Improved Simplified policy model ISA Server 2004 now uses a single ordered rules engine that provides detailed mechanisms for
managing traffic and enforcing policy. Using this rules engine, administrators can control network and
Internet access by user, group, application, content type, schedule, and destination.
Dynamic packet filtering ISA Server 2004 reduces the risk of external attacks by opening ports only when needed.
Improved Smart application filters Data-aware filters that block only certain types of content enable you to control application-specific
traffic, such as e-mail and streaming media.
Improved Updated firewall client The ISA Server 2004 firewall client enables you to integrate authentication, automatic web proxy
configuration, and role-based security using group policies. Other key enhancements include better
connectivity for complex protocols, multi-user account support, and encrypted communications.
Transparency for all clients ISA Server is compatible with clients and application servers on all platforms, including both NAT and
SecureNAT clients, with no client software required.
Improved Publishing ISA Server 2004 enables you to place servers behind the firewall, either on the corporate network or on
a perimeter network, and securely publish their services to the Internet.
Link translation The link translation functionality in ISA Server 2004 allows for intelligent translation of internal links into
publicly accessible sites.
Improved Cache rules A centralized mechanism for cache policy rules enables you to configure how objects stored in cache
are retrieved and served.
Efficient content You can improve response times and cut bandwidth costs by distributing and caching Web sites and
distribution e-commerce applications locally, so as to bring Web content closer to users.
High-performance Web Web caching provides users with accelerated Web access and saves network bandwidth.
Smart caching You can proactively cache popular objects to ensure the freshest content for each user. You can also
preload the cache with entire Web sites on a defined schedule.
Improved Management New management features make it easier to secure your networks. ISA Server 2004 also offers new
user interface features, such as task panes, help panes, and a new look for the firewall policy editor,
including drag-and-drop capabilities.
New Export and import ISA Server 2004 introduces the ability to export and import configuration information between ISA
Server computers through an XML file, enabling you to easily replicate firewall configurations for multi-
site deployment.
New Dashboard A single view presents a summarized version of key monitoring information. If you note a problem, you
can easily drill down into other monitoring viewers for more information.
New Log viewer A log viewer lets you display the firewall logs in real time—either in an online real-time mode or in a
historic review mode. You can also apply filtering to log fields to identify specific entries.
Improved Built-in reporting You can run scheduled standard reports on Web usage, application usage, network traffic patterns, and
additional space required for Web operating system, you must install the
To use Microsoft Internet cache content following: Windows 2000 Service Pack 4
Security and Acceleration • Network adapter that is compatible with or later and Internet Explorer 6 or later.
Server 2004 Standard Edition, the computer's operating system for If you are using the Windows 2000 Server
communication with the internal or Advanced Server release that also
you need: network; one additional network installs Service Pack 4, you must install
• PC with a 550 MHz Pentium III or adapter, modem, or ISDN adapter for the hot fix specified in article 821887 in
higher processor (ISA Server 2004 each additional network connected to the Microsoft Knowledge Base.
Standard Edition supports up to four the ISA Server computer
CPUs on one server) Microsoft recommends that all customers
• CD-ROM or DVD-ROM drive
• Microsoft Windows® 2000 Server or • VGA or higher-resolution monitor
deploy current security implementation
Advanced Server with Service Pack 4 best practices as outlined at
• Keyboard and Microsoft Mouse or
or later, Windows 2000 Datacenter . Additional
compatible pointing device
Server or Windows Server 2003 hot fixes may be recommended.
Standard Edition or Enterprise Edition Actual system requirements will vary
• 256 MB of RAM or more based on your deployment configuration,
(recommended) expected load, and the features you
• NTFS-formatted local partition with 150 If you install ISA Server 2004 Standard choose to install.
MB of available hard-disk space; Edition on a Windows 2000 Server

For more information about Microsoft Internet Security and Acceleration Server 2004, visit .

To order Microsoft Internet Security and Acceleration Server 2004 , or to receive a reseller referral in the United States or Canada, call (800) 621-7930, Dept.
A334DS. Outside the United States and Canada, please contact your local Microsoft subsidiary. Customers who are deaf or hard-of-hearing can reach
Microsoft text telephone (TTY/TDD) services by calling (800) 892-5234 in the United States or (905) 568-9641 in Canada.

© 2004 Microsoft Corporation. All rights reserved. This data sheet is f or informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS
Microsoft, Active Directory, Outlook, SharePoint, Windows, and Windows Server System are either registered trademarks or trademarks of Microsoft Corporation in the United States
and/or other countries.
The names of actual companies and products mentioned herein may be the trademarks of their respective owners.