tailieunhanh - Microsoft ISA Server 2004 Firewall phần 2

SecureNAT Client The SecureNAT client is effectively any device that attempts to communicate through the ISA Server 2004 firewall without being configured as one of the other firewall types | SecureNAT Client The SecureNAT client is effectively any device that attempts to communicate through the ISA Server 2004 firewall without being configured as one of the other firewall types. For all intents and purposes this is the traditional point to the firewall as the default gateway to communicate type of a client. Therefore practically any type of TCP IP network host can communicate through the firewall as a SecureNAT client. Although easy to implement there is no special configuration required beyond just enabling network communications on the host the SecureNAT client is the least secure and capable of the firewall clients. SecureNAT clients cannot be configured to authenticate with the firewall to determine what access should be permitted nor can they access resources requiring complex protocols protocols that require multiple connections for example standard FTP port mode connections without the use of application filters installed on the firewall itself. Firewall Client The ISA Server 2004 firewall client is one of the components to an ISA Server 2004 solution that really separates it from the competition in terms of the kind of control over access that can be managed. The firewall client software can be installed on any Windows-based client which is a limitation in environments that use Linux Sun UNIX or Mac computers. Once implemented however the firewall client enables you to define access to external resources based on users and groups and authenticate all access requests to ensure that only the users you have specified are allowed to communicate. It also enables you to define how they can communicate. This authentication information is stored in the firewall log files making it easy to perform a forensic analysis to determine what sites protocols and applications the user was running or accessing. Perhaps the most powerful feature of the firewall client is the ability to enforce security controls on the client itself for example allowing only .