Checklist Summary:

The purpose of this guide is to inform the reader about the available security settings for the Enterprise version of Microsoft ISA Server 2000. The chapters are presented in an order that follows the same sequence of events that an administrator might use in setting up ISA Server. It starts with an important notice about operating system security and then proceeds to ISA Server installation, configuring access controls within ISA Server, setting up the packet filter and intrusion detection features, working with ISA Server extensions, enabling the publishing features to allow information from inside the ISA server to be published on the external network (if desired), and finally monitoring the ISA server. The document also details client setup issues. Each section is formatted to provide a narrative introduction followed by a checklist that summarizes the narrative. This is intended to provide both a level of detail for those who may not be familiar with a certain aspect of ISA Server, while also offering a more concise checklist for those who do not need the background material

Checklist Role:

• Enterprise Firewall

Known Issues:

Do not attempt to implement any of the settings in this guide without first testing in a non-operational environment. This document is only a guide containing recommended security settings. It is not meant to replace well-structured policy or sound judgment. Furthermore, this guide does not address site-specific configuration issues. Care must be taken when implementing this guide to address local operational and policy concerns. The security changes described in this document only apply to Microsoft Windows 2000 systems and should not be applied to any other Windows versions or operating systems.

Target Audience:

It is also assumed that the reader is a knowledgeable Windows 2000 administrator. A knowledgeable Windows 2000 administrator is defined as someone who can create and manage accounts and groups, understands how Windows 2000 performs access control, understands how to set policies, is familiar with how to set up auditing and read audit logs, etc. This document does not provide step-by-step instructions on how to perform these basic Windows 2000 administrative functions it is assumed that the reader is capable of implementing basic instructions regarding Windows 2000 administration without the need for highly detailed instructions.

Target Operational Environment:

• Managed

Testing Information:

The security configuration guide has been extensively tested in a lab and operational environment.

Regulatory Compliance:

Not provided.

Comments/Warnings/Miscellaneous:

Refer to Known Issues.

Disclaimer:

Do not attempt to implement any of the settings in this guide without first testing them in a non-operational environment. Security configuration guides are provided for the Department of Defense and other government agencies requiring security configuration guidelines. The guides contain recommended security settings. They are not intended to replace well-structured policy or sound judgment. The guides do not address site-specific configuration issues. Care must be taken when implementing the guides to address local operational and policy concerns. All security changes described in the guides are applicable only to specifically identified operating systems or architecture components and should not be applied to any other operating system or architecture components.

Product Support:

Not provided.

Point of Contact:

SNAC.Guides@nsa.gov

Sponsor:

Not provided.

Licensing:

Refer to the legal statement provided at: http://www.nsa.gov/notices/notic00004.cfm? Address=/snac/os/win2k/isa_server_2k.pdf

Change History:

v1.1, date unknown
v1.2, date unknown
v1.2.1, date unknown
v1.3, date unknown
v1.4, date unknown
v1.4.1, date unknown
v1.4.2, date unknown
v1.5, 2002-08-08
Updated status to Archive - 10/24/18

Dependency/Requirements:

URL	Description

References:

Reference URL	Description

NIST checklist record last modified on 10/24/2018