Chapter 16. Securing Remote Access to SharePoint 2003 with ISA Server 2004

IN THIS CHAPTER

• Understanding the Internet Security and Acceleration (ISA) Server 2004

• Outlining the Need for ISA Server 2004 in SharePoint Environments

• Outlining the Inherent Threat in SharePoint Web Traffic

• Publishing and Customizing SharePoint Web Server Publishing Rules

• Configuring SSL to SSL Bridging for Secured Websites

• Logging ISA Traffic

• Monitoring ISA from the ISA Console

In today's risk-fraught computing environment, any exposed service is subject to frequent attack from the Internet. This is particularly true for web services, including those offered by SharePoint Portal Server 2003 and Windows SharePoint Services. Exploits using the Hypertext Transport Protocol (HTTP) that SharePoint uses are becoming commonplace, and it is no longer acceptable to make a SharePoint Server directly accessible via the Internet.

Fortunately, the productivity gains of SharePoint can still be extended and made more accessible by securing them behind a reverse-proxy server such as Microsoft's Internet Security and Acceleration (ISA) Server 2004. ISA Server 2004 allows for advanced application layer filtering of network traffic, greatly securing the overall SharePoint environment.

This chapter details the ways that SharePoint Portal Server and Windows SharePoint Services can be secured using the ISA Server 2004 product. Deployment scenarios for securing SharePoint using ISA are outlined, and specific step-by-step guides are illustrated.