Have you checked the MS pages on ISA Server and Security?

http://www.microsoft.com/isaserver/
http://www.microsoft.com/technet/security/bestprac.asp

You will want to harden the server, there are some good sites (see
above) and books on that subject. One of the easiest books I have found
although not complete (does not deal fully with file and registry
permissions) is the O'Rielly book Securing Windows NT/2000 Servers for
the Internet by Norberg and Russel. SANS has some guides, NSA and the
US Navy also have guides. The NSA makes you pay for theirs now but,

SANS
http://www.sans.org
Navy
https://infosec.navy.mil/content.html

If you need the old NSA doc (done by Trusted Systems) email me directly
and I can send it to you. Most of these guides are for NT 4. NSA has a
preliminary version out for W2K but is not widely distributed and is
still in draft mode.

Hope this helps, good luck.

Ewan Morrish wrote:
>
> I have been asked by my manager to design and implement a new Internet
> Security & Acceleration Server on our network to help limit abuse of
> Internet Access. Can anyone point me in the right direction in regards to
> doing a proper implementation plan, what areas to investigate, security,
> costings, network design etc. Since I've just started working for my
> company, I would like to make a good impression.(Ofcourse)
>
> Regards
>
> Ewan.

--
------------------------------------------------------------------
James P Kirk                       |    email:  jp.kirkerols.com
MCSE, MCP+I, CCNA, CCSA
Various other assorted security certs, yada, yada, yada!
------------------------------------------------------------------
error: found your .sig, thought it was stupid, did not append!

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]