Hiya folks – I am the publihser of the Microsoft Small Business Specialist Primer and I like to hold virtual book readings! This passage is targeted to folks trying to pass the 70-282 exam and concerns ISA firewall rules in a Small Business Server 2003 (SBS) world!
ISA Server 2000 Firewall Access Rules
As you will read in this section, you can configure access policies in ISA Server 2000 that consist of protocol rules and content rules.
Protocol rules define the protocols that can be used for communication between the local network and the Internet. Protocol rules are processed at the application level, allowing clients to use protocols like HTTP, HTTPS, and FTP. You can configure protocol rules to apply to all IP traffic, a specific set of protocols definitions, or to all IP traffic except for selected protocols.
When clients request objects using a specific protocol, ISA Server 2000 checks the protocol rules. If there is a protocol rule specifically denying use of the protocol, the request is denied.
Site and Content Rules
Site and content rules define what content clients can be accessed on what Internet sites. Site and content rules are processed at the application level, allowing or denying clients based on the content of a website and specific protocols used to access that website. When clients request objects, ISA Server 2000 checks the site and content rules. If a site and content rule specifically deny the request, access is denied.
IMPORTANT: So how can you truly commit to memory what protocol rules and site and content rules are and how you might use them? Try this on for size. These rules prevent good girls from behaving badly (kinda sounds like an Internet web-cam site, eh?). Many faiths believe that humans are basically good, not evil. But there are temptations out there in the world that challenge the angelic behaviors of the best of us! So sometime we need a roadblock to prevent us from driving on the road to ruin. These site and content rules, when applied, can serve as that roadblock and prevent kind souls from becoming evil by visiting naughty Internet locations. Consider this akin to your buddy throwing a body block so you can’t hurt yourself!
In all seriousness, one SBS site at a sheriff’s department for a small county outside Denver, Colorado, uses the rules discussed in this section. Because of the nature of law enforcement work, it’s essential that all employees operate and conduct their affairs in a manner above reproach. So the protocol, site, and content rules prevent employees from engaging in potentially embarrassing acts. Anything less would be criminal.
Harry Brelsford, CEO at SMB Nation
MBA, MCSE, CNE, CLSE, CNP, MCP, MCT, SBSC (Microsoft Small Business Specialist)
PS – my Small Business Server 2008 (SBS 2008) book is now here! J
PPS – my spring show, SMB Nation Spring 2009, is in the NYC-area on May 1-3, 2009.