ISA 2004 Firewall Rule Guidelines

Spotted via Stanislas, the ISA Server Guidance Centre has published an article on Firewall rules processing and best practice configuration that helps understand the performance implications of various items.

A particularly interesting tip, among many:

Network for Infected Computers
Create a network to contain computers that are infected. Do not create any network rules for the network, so that it will not have any access. When a computer is infected, move it into that network.

Pasted from < https://www.microsoft.com/technet/prodtechnol/isa/2004/plan/firewall_policy.mspx >