The Microsoft ISA2k6 Team has released a useful Supportability Update for ISA Server (both ISA2k4 and ISA2k6). You can download this Update here:
Microsoft Internet Security and Acceleration (ISA) Server 2006 Supportability Update
There are a number of valuable Options this Supportability Update offers. These Options were designed with the ISA Administrator in mind and include the following:
- Improvements to the ISA Server Management Console with the addition of a new Troubleshooting Node
- Enhanced Log Viewing functionality
- Additional Log Filter functionality
- Diagnostic Logging, including over 200 new Diagnostic Logging Events
- Integration with the Microsoft ISA Server Best Practices Analyzer Tool
Below you will observe an ISA2k6 Enterprise Edition Configuration installed on a Single Server.

The ISA 2006 Enterprise Edition Configuration with the Supportability Update installed.

A quick review of this Array Server Properties indicates detail about ISA 2006 Enterprise Edition.


The Supportability Update adds a New 'Troubleshooting' Node to the 'Array' and 'Server' Tree. We can invoke any of the Supportability Options from this Console Tree.

Here I select the 'Configuration Diagnostic Logging' option and begin viewing the various options for Configuring Diagnostic Logging.

Additionally, after Diagnostic Logging is configured we see a New Event Log specifically for 'ISA Server Diagnostics'. An associated ISA Server Diagnostic Event Window is displayed.

When I move to the 'Monitoring' Option in the 'Array' Tree we now see the dynamic collection of Log Data. Note the 'Denied Connection' types display in Red.

Another useful feature of the Supportability Update includes the ability to dynamically save or load Filter Definitions. Here I initiate loading a dynamic Firewall Filter Definition from an XML File.


I select a previously saved Dynamic Filter Definition that Scopes in on a specific Server by IP Address (192.168.1.58 for Example). I perform this Action to isolate all Traffic from this Destination IP Address.

The Filter Definition allows almost limitless filtering of realtime (and logged) data.

I observe traffic from my ISA2k6 EE Server to the System Center Operations Manager 2007 Management Server generated by the SCOM2k7 Agent on the ISA2k6 Client.

The ISA2k6 Best Practice Analyzer (ISA2k6 BPA) can be invoked directly from the 'Troubleshooting' Tree Node. I will not review the other Troubleshooting Capabilities in the Supportability Update in this Blog entry. Instead I will use them in separate Blog entries to highlight the depth of Troubleshooting now available with ISA2k6 EE (and Standard Edition).

Here is one Output from the ISA2k6 Best Practice Analyzer. Again, the Troubleshooting Capabilities available in the Supportability Update are rich!
Lynn Lunik
Independent Security Consultant
Windows(R) Platform
IT Pro Secure Corporation and exchangesummit.net
http://itprosecure.com and http://www.exchangesummit.net
blog <at> itprosecure.com

Posted Oct 08 2007, 09:25 AM by lynn lunik