Feeds

Microsoft adds security layers to ISA Server

System wizards

  • alert
  • submit to reddit

SANS - Survey on application security programs

ComputerWire logo Microsoft Corp will start to foster use of two-factor user-authentication and application-layer firewall defenses with the Feature Pack 1 upgrade to its Internet Security and Acceleration (ISA) Server 2000 firewall and web-caching server, intended to strengthen security across Microsoft Exchange Server email and Internet Information Services (IIS) web server deployments.

ISA Server 2000 Feature Pack 1 supports RSA Security Inc's ACE/Agent component of that company's SecureID software to provide for two-factor authentication at the network edge. Two-factor authentication software helps provide a secure, simple and reliable way to verify a user's identity before granting access to network resources.

Enforced 128-bit RPC encryption for remote Outlook-to-Exchange users is intended to ruggedize email channels. In addition, improvements made to SMTP filtering features means unwanted email messages can be screened by sender, domain, keyword, attachment name, extension or size. The integration of URLScan into Feature Pack 1 means that common web server vulnerabilities should be blocked at the firewall edge, before they are ever presented to an internal web server.

The complexity of security configuration and management can actually make a network vulnerable, and improperly configured firewalls are still a major threat to enterprise security. ISA system administrators could benefit from new system wizards that are intended to make configuration of ISA Server 2000's Exchange Server and IIS defenses much simpler.

ISA was born from Proxy Server, but is slowly evolving into a full-featured web-caching and firewall server, including other features such as intrusion-detection capabilities and bandwidth control. In the area of intrusion detection, Internet Security Systems Inc has made available RealSecure for ISA Server. Other agreements are intended to flesh out the ISA Sever offering.

Symantec Corp has released a new product to provide anti-virus protection for ISA Server, designed to provide virus protection and repair for HTTP, FTP and SMTP traffic server through ISA Server. Trend Micro Inc will also integrate its anti-virus product, while internet filtering company SurfControl Plc has said that the latest version of its SuperScout Web Filter software is compatible with ISA 2000.

© ComputerWire

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.