Internet Security & Acceleration Server Tutorial
Installation requirements for ISA Server 2006
o use ISA Server, you need:
- A personal computer with a 733-megahertz (MHz) or faster processor.
-
Microsoft Windows Server™ 2003 operating system with Service
Pack 1 (SP1) or Microsoft Windows Server 2003 R2 operating system.
Note the following:- You cannot install ISA Server 2006 on 64-bit versions of Windows Server 2003 operating systems.
-
When ISA Server 2006 is installed as a domain member, ISA
Server Enterprise Edition can be installed only in a Windows Server 2003
or Windows® 2000 Server domain.
- You cannot install ISA Server 2006 on 64-bit versions of Windows Server 2003 operating systems.
- 512 megabytes (MB) or more of memory.
- 150 MB of available hard disk space. This is exclusive of hard disk space you want to use for caching.
-
One network adapter that is compatible with the computer's
operating system, for communication with the Internal network.
- An additional network adapter for each network connected to the ISA Server computer.
- One local hard disk partition that is formatted with the NTFS file system.
Before you begin the installation process, you should have some knowledge about the following components & Administrative Roles
| Configuration Storage server | The
Configuration Storage server stores the configuration information for
all of the arrays in the enterprise. The Configuration Storage server
uses Active Directory® Application Mode (ADAM) for storage. When you
install the Configuration Storage server, you also automatically
install ADAM on the computer. When you configure arrays in the
enterprise, you are changing the information in the Configuration
Storage server. ISA Server 2006 Enterprise Edition computers access the
Configuration Storage server to check whether there is any
configuration change, and update their local storage (registry based)
to reflect the recent changes in the enterprise. There can be multiple Configuration Storage servers in the enterprise, each holding an exact replica of the enterprise configuration. Each array points to a specific Configuration Storage server from which it gets the updated configuration. You can also specify an alternate Configuration Storage server, which is used if the first Configuration Storage server fails. |
| ISA Server services | This
is the computer that runs the firewall, virtual private network (VPN),
and caching functions of ISA Server. The computer running ISA Server
services is connected to a Configuration Storage server, which stores
the configuration information. Each ISA Server Enterprise Edition
computer will be a member of an array. |
| Array | An
array represents one or more ISA Server 2006 Enterprise Edition
computers running ISA Server services that are physically connected and
share the same configuration. |
| ISA Server Management | ISA Server Management is the Microsoft Management Console (MMC) snap-in through which the administrator manages the enterprise. Using ISA Server Management, the administrator connects to a specific Configuration Storage server to manage the enterprise. |
| Role | Description |
|---|---|
| ISA Server Enterprise Administrator | Users
and groups assigned this role have full control over the enterprise
and all array configurations. The Enterprise Administrator can also
assign roles to other users and groups. |
| ISA Server Enterprise Auditor | Users and groups assigned this role can view the enterprise configuration and all array configurations. |
| ISA Server Administrator | Users
and groups assigned this role can perform any ISA Server task,
including rule configuration, applying of network templates, and
monitoring. |
| ISA Server Array Auditor | Users
and groups assigned this role can perform all monitoring tasks,
including log configuration, alert definition configuration, and all
monitoring functions available to the ISA Server Basic Monitoring role. |
| ISA Server Array Monitoring Auditor | Users and groups assigned this role can monitor the ISA Server computer and network activity, but cannot configure specific monitoring functionality. |
ISA Server 2006 Installation Process
Before you begin installation, consider the topology of your Microsoft ISA Server 2006 Enterprise Edition infrastructure.
Consider the following:
-
Will you deploy ISA Server in a workgroup or in a trusted
domain environment? For more information, see "ISA Server Enterprise
Edition in a Workgroup" at the Microsoft TechNet Web site.
- Where will the Configuration Storage servers be installed?
-
Will all the Configuration Storage servers be installed in the
same site? For more information about multi-site installations, see
"Deployment Guidelines for ISA Server Enterprise Edition" at the Microsoft TechNet Web site.
- How many arrays will you install in the enterprise?
- How many members are in each array?
- Will you manage the enterprise remotely?
- How many remote management computers will you install?
-
Install a Configuration Storage server. The Configuration
Storage server must be available to install the ISA Server 2006
component. When you install a Configuration Storage server, you can join
the server to an existing enterprise. Alternatively, you can create a
new enterprise. For the most effective deployment, we recommend that
you create a single enterprise in your organization. With a single
enterprise, you can manage all the arrays in your organization from a
single ISA Server Management MMC snap-in.
-
(Optional) Create arrays, enterprise network rules, and enterprise
policies on the Configuration Storage server. When you begin installing
array members, as described in the next step, you can join them to
arrays that already exist.
- Install ISA Server services on one or more computers. When you install a computer running ISA Server services as the first member of a new array, you will specify addresses in the Internal network. For information about the Internal network, see the product documentation.
Stopping and Disabling Services
As part of the installation process, the following services are disabled:
ISA Server Deployment (Single Server)- Internet Connection Firewall or Internet Connection Sharing
- IP Network Address Translation
- SNMP service
- FTP Publishing service
- Network News Transfer Protocol (NNTP)
- IIS Admin service
- World Wide Web Publishing service
In this lesson, you will install the Configuration Storage server (CSS) and the ISA Server services on the same computer.
To install a single server deployment
- Insert the ISA Server CD into the CD drive, or run ISAAutorun.exe from the shared network drive.
- In Microsoft ISA Server Setup, click Install ISA Server 2006. Use the wizard to install ISA Server 2006 as outlined in the following table.
Page Field or property Setting Welcome
None
Click Next.
License Agreement
License Agreement
Select I accept the terms in the license agreement.
Customer Information
User Name
Organization
Product Serial Number
Enter user name.
Enter organization name.
Enter product serial number.
Setup Scenarios
Select the setup scenario.
Select Install both ISA Server services and Configuration Storage server.
Component Selection
Review the features that will be installed. Notice that ISA Server Management is also installed.
Click Next.
Enterprise Installation Options
Select the enterprise installation options.
Select Create a new ISA Server enterprise.
New Enterprise Warning
This page warns you not to install more than one enterprise. Because you are creating a new enterprise, you can ignore the warning.
Click Next.
Internal Network
For an explanation of how to define Internal networks, see ISA Server EE Appendix A: Adding Addresses to the Internal Network, later in this document.
- Click Add to specify the network address ranges.
- Click Add Adapter.
-
Select one or more of the adapters that are
connected to the Internal network. These addresses will be included in
the Internal network that is defined by default for ISA Server.
- Click OK, click OK, and then click Next.
Firewall Client Connections
Select whether you want to allow non-encrypted connections between Firewall clients and the ISA Server computer.
Verify that Allow non-encrypted Firewall client connections is not selected. Click Next.
Services Warning
Review services that will be stopped and services that will be disabled if you continue.
Click Next.
Ready to Install the Program
None
Click Install. - Click Add to specify the network address ranges.
You manage ISA Server 2006 through the ISA Server Management MMC snap-in. You need a reliable, fast connection from the Configuration Storage server to the computer that is running ISA Server Management, so that ISA Server Management will respond quickly, displaying updated configuration information. Similarly, ISA Server Management requires a reliable connection to the ISA Server array, to provide real-time monitoring information.
If your connection to the remote Configuration Storage server is slower than 5 Mbps, we recommend that you connect to the remote Configuration Storage server over a Remote Desktop Protocol (RDP) connection and run ISA Server Management on the Configuration Storage server.
ISA Server Management Requirements
To use ISA Server Management, you need:
- Microsoft Windows Server 2003 SP1 or Microsoft Windows Server 2003 R2 operating system.
- Microsoft Windows® XP with SP1 or Microsoft Windows XP with SP2 operating system.
Note the following:
- You cannot install ISA Server 2006 on 64-bit versions of Windows Server 2003 or Windows XP operating systems.
- You cannot install ISA Server Management on Microsoft Windows Server 2003 operating system, Web Edition.
- You cannot install ISA Server 2006 on 64-bit versions of Windows Server 2003 or Windows XP operating systems.
- 256 MB or more of memory.
Installation of ISA Server Management
By
default, ISA Server Management will be installed when you select to
install ISA Server services or the Configuration Storage server.
To install ISA Server Management, perform the following procedure.
To install ISA Server Management
To install ISA Server Management, perform the following procedure.
To install ISA Server Management
- Insert the ISA Server CD into the CD drive, or run ISAAutorun.exe from the shared network drive.
- In Microsoft ISA Server Setup, click Install ISA Server 2006. Use the wizard to install ISA Server 2006 as outlined in the following table.
Page Field or property Setting Welcome
None
Click Next.
License Agreement
License Agreement
Select I accept the terms in the license agreement.
Customer Information
User Name
Organization
Product Serial Number
Enter user name.
Enter organization name.
Enter product serial number.
Setup Scenarios
Select the setup scenario.
Select Install ISA Server Management.
Component Selection
Review the features that will be installed. Notice that ISA Server Management is also installed.
Click Next.
Ready to Install the Program
None
Click Install.
- After the installation is complete, select Invoke ISA Server Management to launch the ISA Server Management MMC snap-in, and then click Finish
Subscribe to email feed
