What does ISA 2006 bring to my deployment that is not available with ISA 2004?


In your travels through the various ISA publishing wizards, you may have wondered, “what exactly does ISA 2006 do that ISA 2004 can’t?”


Here is the list, folks:


Ø       Certificate authentication + Kerberos Constrained Delegation.  Think EAS & OWA with user certificate authentication.


Ø       Authentication Delegation for Basic, NTLM and Kerberos.  ISA 2004 only had Basic Delegation.


Ø       Web farm publishing using cookie or IP affinity. Provides many advantages over NLB at the Exchange  FE servers.


Ø       Client-aware authentication.  Finally; a single listener for *all* Exchange  web publishing!


Ø       Code-page-aware web publishing.  When the client application provides this information (most do), ISA can deliver language-specific error and logon/logoff pages.


Ø       LDAP authentication for web publishing was added. 


Ø       Enterprise & Array Global and rule-local link translation.  Your arrays & rules can share link  translation settings!


Ø       Certificate quality awareness (ISA 2004 SP2 has a *small* piece of this)


Ø       Configuration Storage server  connection via VPN tunnel (branch office scenario)


Ø       Flood mitigation like no other.  ISA 2006 can detect malware activity; not just “packet storms” (I know; I tested it!).


Ø       The envy of their peers for having deployed the kewlest firewall/proxy on the planet (the galaxy is still being evaluated). 


 Jim Harrison


ISA Server Sustained Engineering


Comments (1)

  1. Anonymous says:

    Jim Harrison has written a good short post on the ISA product group blog aboutthe  new features…