The ISA Server product team spends a lot of time working on feature design, and the same question comes up time and time again… How do we help users create rules and policies that follow best security practices?
ISA Server guides you towards following security best practices by providing the most secure and appropriate defaults in all our wizards, dialogs, and property pages. This means that when in doubt, we strongly recommend using the provided default selections.
ISA Server 2006 further improves our ability to provide appropriate, secure defaults, by including additional publishing wizards for securely publishing SharePoint, Exchange, and other Web applications, as well as enhanced integrated authentication settings. ISA Server 2006 also provides warnings and popup messages when user defined settings may have security implications. Many of these messages have additional help links available (either as hot links or as help buttons) right on the dialog or popup message.
You can read about the security benefits of the new publishing options in the document ISA Server 2006: Secure Application Publishing. For details about downloading ISA Server 2006, see the ISA Server 2006 product site.
Regards, Linda Lior
ISA Server UE
Thanks for sharing your feedback!