About URL Scanning
ISA Server Feature Pack 1 installs URLScan version 2.5, as a Web filter. URLScan screens all incoming Web requests to the ISA Server computer, and only allows requests that comply with a configurable rule set to pass through to the published Web servers. This significantly improves the security of the IIS Server computer, by helping ensure that it only responds to valid requests.
With URL scanning, you can filter requests based on length, character set, content, and other parameters. You can specify which verbs (HTTP methods), headers, extensions, and strings are acceptable in users' HTTP requests.
The URLScan Web filter applies only to incoming traffic.
URL scanning is applied to all Web publishing rules, including Microsoft® Exchange Outlook® Web Access (OWA) servers. By enabling URL scanning on all traffic destined for the Outlook Web Access server, you can discard suspect messages, before they enter your network.
Functional differences: URLScan 2.5 for IIS Server vs URLScan Web Filter for ISA Server
The URLScan Web filter functions differently when installed on an ISA Server computer than it does on an IIS Server computer. There are two major differences:
For more information about the URLScan options, see About URLScan.ini.
URLScan Configuration Files
A default rule set is provided in a configuration file, which can be customized to meet the needs of a particular server. When you install the URLScan Web filter, two configuration files are installed to the ISA Server installation folder.
As part of the installation process, you select the configuration file to be used by the URLScan Web filter. The selected configuration file is copied to the URLScan.ini file, which is also located in the ISA Server installation folder.
For more information on the URLScan configuration file, see About URLScan.ini. Additional URL scanning configuration files are available from the ISA Server Feature Pack 1 Web site(http://www.microsoft.com/).
URLScan and Arrays
The URLScan Web filter must be installed on all ISA Server computers in the array. This means that the Feature Pack should be installed on all the servers in the array. Furthermore, be sure that you select the same configuration file for each ISA Server computer in the array.