Using Internet Security and Acceleration Server

Internet Security and Acceleration Server 2000

Microsoft® Internet Security and Acceleration (ISA) Server 2000 is a platform that third-party developers can extend by creating components that work with ISA, such as application filters, ISA Management, and Web (ISAPI) filters. For example, a vendor may develop an application filter that scans for viruses. The filter configuration information should be included with ISA configuration information. When ISA is backed up, the virus-scanning filter configuration data is also backed up. The mechanism for integrating third-party data into ISA is the FPCVendorParametersSets collection.

Developers can also create Microsoft Management Console (MMC) extension snap-ins for components designed to work with ISA, so that relevant property pages will be integrated into ISA Management.

Administration Resources

ISA provides extensive support for administration of ISA arrays, either using ISA Management, as described in the product documentation, or through administration scripting.

Source Files and Samples Provided with ISA

The Msfpccom.idl source file contains the definitions of all ISA administration COM objects. In Visual Basic, you access the administration COM objects through the FPCLib type library. The Wspfwext.idl source file contains the definitions of all ISA Firewall interfaces.

Within the ISA Software Development Kit (SDK), the following topics contain example code that can be copied from the text:

ISA Server Script Samples on CD-ROM

In addition to the example code in the SDK, the following samples are on the ISA Server CD-ROM in the sdk\samples\Admin\Scripts folder. The file name of each sample is listed in the Samples column. A brief description and the language extension are also provided. See Script Samples for more detailed descriptions.

Samples Description Language
Add_Dod Shows how to add a new Dialup Entry. VBScript
AddDeniedMethod Shows how to add a denied HTTP method. VBScript
AdditionalKey Demonstrates the use of the additional key. VBScript
AddLATEntry Shows how to add an IP range to the array LAT. VBScript
AddScheduledContentDownload Adds a scheduled content download job. VBScript
ApplicationFilterList Lists the Application Filters installed on the ISA server. VBScript, JScript
CacheSettings Displays array cache settings. VBScript, JScript
ConstructLAT Shows how to construct the LAT of an array based on its network interface cards (NICs). VBScript, JScript
DeleteURL Causes the Web proxy service to delete a Web object from the ISA cache. VBScript
DisableScheduledContentDownload Disables Scheduled Content Download job on given days for a given array. VBScript
EnterpriseDestination Adds a new Destination Set to the Enterprise, sets the array policy to use Array And Enterprise Policies, and configures the new rule to use the Enterprise Destination. VBScript
FetchUrl Causes the Web proxy service to fetch an object and store it in the cache. VBScript
FindScheduledContentDownload Receives an array name and a URL and checks if any scheduled content download job includes that URL. VBScript
ListDeniedMethods Lists the denied HTTP methods for an array. VBScript
ListServers Lists servers in a given array. VBScript, JScript
SetCache Sets the cache. VBScript
SetDefaultApplicationSettings Demonstrates how to add client settings. VBScript
SetUpstreamRouting Shows how to set up upstream routing to another server. VBScript
ShowAllProtocolRules Lists all protocol rules of an array. VBScript, JScript
ShowAllRoutingRules Lists all routing rules of an array. VBScript
StaticFilter Demonstrates how to create a static packet filter, which allows NTP communication with the ISA Server computer. NTP uses the UDP protocol and Port 123. VBScript

Note  The JScript samples have limited functionality compared to the corresponding VBScript samples. The major difference is that JScript will always use the first array in a network, whereas VBScript will ask the user for the array name.

ISA Application Filter Samples on CD-ROM

The following application filter samples are on the ISA CD-ROM in the sdk\samples\application_filters folder. The file name of each sample is listed in the Samples column. The samples are written in C++. For more details regarding the samples, see Sample Filters.

Samples Description
Connector A console application that emulates an application protocol (works with ConnectorFilter).
ConnectorFilter Enables a complex protocol that requires secondary connections on random ports (works with Connector application).
DbgDump Registers for notifications on all possible events, installs data filters on all connections, and outputs information about the events to the debugger.
Exeblock Blocks all executable files unless a protocol rule is defined allowing a specific user to receive executable files.
Serversplit Demonstrates the use of connection emulation for inbound connections.
SMTPFLTR Captures and analyzes data sent by external clients that use the SMTP protocol.
Socks4a Demonstrates the use of SOCKS protocol version 4/4A.
Socks5 Demonstrates the use of the SOCKS 5 protocol.

ISA Web Filter Samples on CD-ROM

The Web (ISAPI) filter sample WebResponseModifier is provided on the ISA Server CD-ROM in the sdk\samples\Web_filters folder. The filter collects response chunks and allows you to change them depending on the complete response.

For more details about the WebResponseModifier sample, see Webresponsemodifier.

This section, Using Internet Security and Acceleration, contains the following topics: