Using ISABPA for Proactive and Reactive Work with ISA Server – Part 1 of 2

  • Article

It is very interesting to me that many people didn’t fully realized yet the benefits of ISABPA. Certainly we already have lots of admins that use this tool, but do you know if you really use the full capability of this tool? This post will describe the most common scenarios of using ISABPA and how to take full advantage of it. In this first part of the post I’m going to discuss how ISA BPA can assist you proactively to mitigate possible issues.

 

2. Proactive Health Check

 

When you deploy ISA Server you should first of all plan, plan and plan. I worked in many cases where the ISA was installed like you install Microsoft Office, using NNF technology (Next, Next and Finish), no kidding. We all know that it is easy to install, but you need to collect information prior to deploy. Here some typical questions that can influence how you will size ISA for your environment:

· What type of scenario you plan to install ISA:

o Web Proxy?

o Firewall?

o VPN Access?

o Secure Publishing Server?

o All of them?

· What applications are you planning to publish through ISA?

o Exchange OWA?

o Outlook Anywhere?

o Sharepoint?

 

This is definitely not the complete list, is just an example of some questions that you should ask your customer (or yourself) when planning an ISA Server installation. After gather all the data, go ahead and use ISA Server Capacity Planner to see if you have the correct hardware for ISA.

 

Ok, but where ISA BPA comes in on this? I didn’t want to lose the opportunity to bring how important it is the planning phase; this is the reason why I started with that. ISABPA using Health Check option will be a post installation task.

 

Figure 1 – Starting a new scan.

The following screen shows ISABPA performing the scanning operation:

Figure 2 – Scanning in Progress

When this process finished you can click and view report and you will see (depends on the amount of warning or errors you have) a screen similar to Figure 3:

Figure 3 – ISA Report

This is an example of a pristine installation of ISA Server 2006 on top of Windows Server 2003 SP2 with some basic rules configured on it. Notice how many warnings I have and how many improvements I can make on this configuration. If you want more details about each one of those suggestions, just click on it and you will see what the recommendation is as shown in Figure 4:

Figure 4 – Details about the warning message.

If you want to see a hierarchal view plus more details about this configuration you can click in Tree Reports and you will have a view like the one below:

Figure 5 – Tree Reports View.

3. Conclusion

In this first part of the article I explained some advantages of using ISA BPA for a proactive work, next article I will show you how ISBPA Tools can assist you during a troubleshooting scenario.