Security and investment: ISA Server
Microsoft Internet Security and Acceleration Server has many uses where networks come together. As its name implies, these include improving security and maximising the use of available bandwidth; as NHS trusts that want to give their staff secure access to their networks have discovered.
“ISA Server is Microsoft’s Swiss army knife,” says security expert Sandeep Modhvadia. “There are lots of pieces to it, and it does lots of things. Wherever two networks come together, it is likely to be useful.”
Living on the edge
ISA Server is an “edge” solution, meaning that it sits on the edge of a network (in practice, between one network and another) and carries out various functions.
As its name implies, these include improving security by managing access to servers within a secure network and acting as a firewall, and improving network speeds by compressing web traffic and caching (or storing) web pages locally.
ISA Server and security
ISA Server makes it possible for organisations to give staff access to email, file sharing and other servers in a secure way. It does this by pre-authenticating users and examining any messages they send in and out of the network for security threats.
Traditionally, firewalls have tended to check only the top layer of messages - who has sent them, for example. ISA Server works at the “application layer”, meaning that it also checks their content.
“The easiest way of thinking about this is to think of an airport security check,” says Mr Modhvadia. “People have to pass through a passport and a ticket check, which tells you who they are and where they are going.
"ISA Server is used for everything from caching to giving remote workers access to their email...it is very, very flexible, so we see different people using it in different ways."
“Then they pass through an x-ray or metal scanner, which looks a bit deeper into what they are carrying. That is what ISA Server does for different protocols, such as HTTP (web pages) and SMTP (email). “In addition, there are suppliers who go further and build on ISA Server to inspect other protocols, such as XML (a standard that provides contextual information for pieces of data).”
ISA Server and the NHS
The NHS has become one of the biggest customers for ISA Server in the UK as IT managers have looked for ways of giving its increasingly mobile staff rapid and secure access to their IT networks and the Internet.
“ISA Server is used for everything from caching to giving remote workers access to their email,” says Mr Modhvadia. “It is very, very flexible, so we see different people using it in different ways.
“However, remote access is a big driver. If nurses are going out to patients with Tablets or other devices, the last thing they want to have to do is to come into the office every day just to update their notes. They want the same experience working outside the office as working in it.
“IT managers want to make sure they can get that without compromising the security of their networks or making huge changes to their infrastructure - and ISA Server can deliver that.”
"We will have a resilient pair of ISA Servers as our ‘front door’ into the organisation...that means we can install Branch Office versions at our three other sites. These will cache web pages locally and give us a big speed up."
ISA Server and branch offices
Making the best use of expensive bandwidth is another driver, particularly for organisations with staff working in remote clinics and other sites beyond the reach of a local area network (what a business might call a branch office).
“Most applications are not written with bandwidth in mind,” Mr Modhvadia admits, “and that raises two issues: how to make best use of the bandwidth there is and how to enable working in the branch.
“As far as the second goes, there are two options: keep buying more bandwidth or use caching technology. Eventually, you will have to increase bandwidth. But if you also install ISA Server, you will get better management and security as well.”
Manchester Mental Health and Social Care Trust is deploying ISA Server at its four main sites for exactly these reasons, as part of a major project to create a brand new, managed infrastructure.
ISA Server will cache local web content and improve network speeds, and act as a platform from which to run SurfControl software for web and email filtering.
“We will have a resilient pair of ISA Servers as our ‘front door’ into the organisation,” says IT manager Carl Ambrose. “That means we can install Branch Office versions at our three other sites. These will cache web pages locally and give us a big speed up.”
Using the hoof trimmer
NHS organisations may decide to buy ISA Server in different ways: as a stand-alone product, as part of a software solution or as part of a bigger investment, such as Microsoft’s Branch Office infrastructure solution.
But they don’t always make full use of what they have. “It is like the Swiss army knife again,” says Mr Modhvadia. “People use 80 or 90 per cent of it, but not 100 per cent.
“We have customers who use ISA Server for caching, but use other products for security. Using ISA Server for security reduces the possibility of error that creeps in when you have to manage many different solutions. It also means you get full value out of what you have.”
Related links: