Key IT Administrator Concerns | ISA Server 2006 Provides | IAG 2007 Provides |
|---|
Control Access | | |
Need differentiated access for employees, vendors, and partners that limits user actions based on roles. | | Flexible configurations and context-sensitive portals based on endpoint state, user identity, and credentials support multiple simultaneous user sets. |
I need to quickly and easily publish multiple applications to a wide variety of users both inside and outside of the enterprise. | Simple wizard-driven publishing tools take the guesswork out of configuring remote access policies for Exchange Server and SharePoint technologies. | More than nine individual Intelligent Application Optimizers for popular enterprise applications deliver pre-configured security and policy logic out of the box, with pre-set rules for hundreds of different application variants, client security tools, and more. |
Protect Assets | | |
Need security for legacy and non-Web-ready applications that cannot easily be re-tooled for Internet access. | ISA Server provides circuit layer and stateful packet filtering on all ports and traffic, with a custom network template preconfigured for the secure socket layer (SSL) virtual private network (VPN) gateway, on a pre-hardened Windows Server operating system (appliance only). | Web application firewall with positive and negative logic rule set can learn and adapt to new applications, with specific customizations through the integrated policy editor. |
Need to publish a large number of Web and application servers to accommodate increasing remote access requirements. | Web Publishing Load Balancing for deploying entire farms of Web servers behind ISA using session- and IP-based affinity with automatic out-of-service detection. | Scale to 64-node gateway arrays for support of a virtually unlimited number of applications and users in a single configuration. |
Need SSL-based connectivity to enable access from unmanaged endpoints without compromising the corporate network’s integrity. | IPsec VPN Quarantine capabilities and integrated management help ISA Server protect the network from potentially compromised machines. | Balances optimal access with high security through per-application policy and comprehensive authentication and authorization mechanisms with endpoint session control, monitoring, and state cleanup. |
Both off-the-shelf and custom applications need flexible security policies that will grow and change with my business. | | Application Optimizer Toolkit helps IT administrators and application developers build customized secure access policies for in-house developed and third-party applications. |
Safeguard Information | | |
I don’t want my company’s intellectual property exposed to thieves—make sure sensitive information isn’t left behind on unmanaged clients. | | Endpoint session control, monitoring and U.S. Department of Defense-compliant client-side state cleanup help ensure that critical data isn’t left on remote devices. |
I don’t want information leaving my network, but I don’t want bogus content or malicious traffic coming into my applications, either. | Application-layer filtering for HTTP, RPC and other protocols, including command validation, helps prevent errant server requests from compromising IT systems. | Intra-application granular policy enforcement on Microsoft and third-party applications, plus extensive real-time monitoring and logging, helps drive policy compliance by providing an audit trail for IT managers to track user activity and data usage. |
Need protection against attacks cloaked in encrypted content. | SSL bridging for inspection of encrypted content, better application scalability via offloading SSL processing to the ISA Server, and lower latency via support for SSL hardware accelerators. | URL rewriting and data manipulation through positive-logic rules present only the desired data to end-users, with proper handling of all Web data (input and output). |
