Securing and Maintaining ISA Server 2004

Managing System Services on the ISA Server Computer

A second step in securing the computer running ISA Server is to disable all services on the computer that are not required. Several core services are required for ISA Server to run properly, and additional services can be enabled depending on the functionality required. All other services should be disabled.

To manage system services on the computer running ISA Server, follow this procedure:
1. Open the Services console from the Administrative Tools folder.
2. Right-click the service that you are configuring and click Properties.
3. On the service Properties page, on the General tab, select the Startup type. You can also start, stop, pause, or resume the service.


Using Security Templates to Manage Services
You can manage the system services manually on the computer running ISA Server 2004. However, if you have multiple computers running ISA Server, you should automate the process of managing the services. One option for managing the system services is to use security templates. Security templates are preconfigured sets of security settings that can be applied to users and computers. Security templates can be used to configure the following:

1- Audit Policy settings: These settings specify the security events that are recorded in the Event Log. You can monitor security-related activity such as who accesses or attempts to access an object, when a user logs on or logs off a computer, or when changes are made to an Audit Policy setting.
2- User Rights Assignment: These settings specify which users or groups have logon rights or privileges on the member servers in the domain.
3- Security Options: These settings are used to enable or disable security settings for servers, such as digital signing of data, administrator and guest account names, driver installation behavior, and logon prompts.
4- Event Log settings: These settings specify the size of each event log and actions to take when each event log becomes full.
5- System services: These settings specify the startup behavior and permissions for each service on the server.

Implementing Security Templates
If your computer is a member of an Active Directory directory service domain, you can apply security templates using Group Policy at a domain or organizational unit (OU) level. If your computer is not a member of a domain, you can use the Security Configuration and Analysis Microsoft Management Console (MMC) snap-in or the Secedit command-line tool.
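
Before a template is applied through Group Policy or Secedit, its System services settings can be checked against the list of services the server actually needs. The following is an added example, not part of the original article or of any Microsoft template: it parses the [Service General Setting] section of a security template (.inf) file, where each line holds a service name, a startup code (2 = Automatic, 3 = Manual, 4 = Disabled) and a permissions string. The REQUIRED allowlist and the sample template are constructed for illustration and must be replaced with your own values.

```python
import csv

STARTUP = {2: "Automatic", 3: "Manual", 4: "Disabled"}
# Constructed allowlist (assumption): replace with the services that your
# ISA Server deployment actually requires.
REQUIRED = {"fwsrv", "isactrl", "eventlog", "rpcss"}

# Constructed sample template fragment, not taken from a published template.
SAMPLE_TEMPLATE = '''\
[Unicode]
Unicode=yes
[Service General Setting]
"fwsrv",2,""
"isactrl",2,""
"Eventlog",2,""
"RpcSs",2,""
"Alerter",4,""
"Messenger",3,""
"Spooler",2,""
[Version]
signature="$CHICAGO$"
'''

def parse_services(text):
    """Return {lowercased service name: startup code} from the services section."""
    services, in_section = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):      # blank line or comment
            continue
        if line.startswith("["):                  # a new section begins
            in_section = line.lower() == "[service general setting]"
        elif in_section:
            fields = next(csv.reader([line]))     # handles the quoted fields
            if len(fields) < 2 or not fields[1].strip().isdigit():
                raise ValueError(f"malformed service line: {raw!r}")
            services[fields[0].strip().lower()] = int(fields[1])
    return services

def audit(text, required=REQUIRED):
    """Flag non-required services left enabled and required services disabled."""
    services = parse_services(text)
    findings = [(n, f"not required but {STARTUP.get(c, c)}")
                for n, c in sorted(services.items())
                if n not in required and c != 4]
    findings += [(n, "required but Disabled")
                 for n in sorted(required) if services.get(n) == 4]
    return findings

if __name__ == "__main__":
    for name, issue in audit(SAMPLE_TEMPLATE):
        print(f"{name}: {issue}")
```

Templates exported by Windows tools are often saved as Unicode (UTF-16), so open the file with the matching encoding before passing its text to audit().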

Microsoft has released the Windows Server 2003 Security Guide, which includes several templates that you can use to secure servers on your network. The templates are grouped into three categories:
1- Enterprise Client templates are designed for most networking environments that contain only Windows 2000 or later computers.
2- Legacy Client templates are designed for networking environments that contain older computers.
3- High Security templates are designed to be deployed only in networks that require very high security.
