Microsoft builds a beta ISA 2006

Last week, I’m struggling for Redmond news; this week, it’s like they have a volcano up there or something. SMS (Systems Management Server) 2003 R2, a Vista Community Technology Preview, Commerce Server 2006 Beta, new announcements about SharePoint Server 2007 , a funeral for FrontPage, and a formal ISA (Internet Security and Acceleration) Server 2006 Beta announcement. Whew. Guess all those headlines about a Microsoft stock slump lit a fire under somebody’s booty.

I blogged about the death of FrontPage (don’t worry; it’s only dead to the world of software bundles) as well as Microsoft’s "final" (for now) list of Vista SKUs off of Technology Filter, so click over there if you want more details. What I’ve been concentrating on this week is the ISA Server 2006 Beta release, mainly because the Redmondians were kind enough to give me a big ol' briefing on that.

Unfortunately, if you’re expecting a security silver bullet or anything else revolutionary out of ISA 2006, you’re in for a disappointment. There are several worthwhile features in the new product, and those using it for perimeter or internal boundary defense will certainly want to upgrade, but a guaranteed security panacea for Windows it’s not.

Big on the list of new features is better integration with Active Directory, which means that Web application servers can get improved authentication security. It’s also a bit better as a proxy server because Microsoft has carried over the compression schemes it released in ISA Server 2004 R2. That means faster Web page load times, according to Microsoft, but I’ll wait to verify that in a test before crowing about it.

Better for those with large branch offices are a series of features that let administrators more easily drop-deploy ISA-based boxes to branch offices. Microsoft plays up the compression angle here, but what’s more important is ISA 2006’s support for BITS (Background Intelligent Transfer Service), also found in 2004 R2. This means not only better support all around for slower WAN links, but features that allow ISA Server 2006 to do things like cache Windows updates. That way, clients at branch offices get their updates in a much smoother fashion than downloading them from a far-away central office.

IT admins can also configure ISA boxes using new policy tools and auto-configuration features. These let admins drop ISA 2006 white boxes at remote sites and allow them to be plugged in by remote users with no need for on-site IT staff. The boxes find central connections on their own; they can then be remote-tweaked by the IT staff. A nice upgrade here is better support for scripting via Monad. (Check this post in my SMB IT blog for a good book on the subject if you’re new to Monad.)