One small part of Microsoft's message at the RSA Conference 2005 security confab later this month will be the expected...
release of an enterprise version of its ISA Server 2004 firewall.
The Internet Security and Acceleration (ISA) Server 2004 Enterprise Edition, is aimed at the largest enterprises, with
Network load balancing distributes connections across machines in the array, so if any one computer goes down, traffic is immediately routed to others. The Web proxy array helps by storing information from an incoming request on one of the ISA-enabled machines. The caching algorithm is set so content is never stored twice in one array.
"IT administrators benefit by being able to cache more content -- it is closer to the users, and therefore speeds up the Internet site," said Thomas Shinder, a Dallas-based consultant and expert on ISA Server.
Firewall policies stored in ADAM
One customer who is using ISA Server 2004 Standard Edition agreed that the caching feature in both editions is good for speed. "[Caching] is good for Web-based application or something like FedEx Online, anything that is used on a regular basis," said Emilio Soto, an IT
For companies that aren't large, the extra space that caching provides is only a perk, he added. The sort of network load balancing offered by ISA Server 2004 Enterprise Edition is also something that benefits mainly the global enterprise, Soto said.
Another advantage in ISA Server 2004 Enterprise Edition is that, unlike ISA Server 2000, which stored firewall policies in Active Directory, the Enterprise Edition stores firewall policies in Active Directory Application Mode (ADAM), Shinder said. ADAM is the LDAP directory that runs as a non-operating system service.
Microsoft's ISA Server 2004 Standard Edition, which was released last summer, also added application layer protection, VPN quarantine capabilities and cache functionality.
ISA commonly used as a proxy
Today, most enterprise customers use ISA Server as an application proxy, preferring to place a hardware appliance on the network edge. To blunt criticism that a software firewall was less secure than a hardware appliance, last October Microsoft formed a partnership with Network Engines Inc., a Canton, Mass., company that planned to use Microsoft's ISA Server technology with Network Engine's NS Series of firewall appliances. Network Engines said it would also add some of its own diagnostic features.
Microsoft currently has no plan for ISA Server 2004 Enterprise Edition hardware OEM support, but Shinder said he would like that to change. "The appliance approach for this is a natural," he said.
Pricing for the Enterprise Edition has not been disclosed. Pricing for ISA Server 2004 Standard Edition was comparable to pricing for ISA Server 2000 Standard Edition.