RSA Security's RSA SecurID is a two-factor user-authentication solution that requires a user to have an authentication password and to present a token to authenticate with the firewall before accessing Web sites on the corporate network. When you use the RSA SecurID token with RSA Security's RSA ACE/Agent on the ISA Server 2004 firewall and RSA Security's RSA/ACE Server software on the back end, the token works like an ATM card to provide secure remote access to Web sites behind ISA Server. In addition, you can use RSA SecurID to support two-factor authentication for VPN remote-access connections.
Support for an SSL VPN.
Many corporate firewalls close off all outbound ports except for TCP 80 and 443, rendering the ports and protocols required to support true network-layer VPN connections inaccessible. SSL VPNs provide an SSL-secured remote-access solution that simulates the functionality of a network-layer VPN. Everywhere Networks' FileWay lets remote users connect to file shares through a secure SSL connection. FileWay integrates with SSL OWA and gives users access to Exchange mail and to files located on corporate file servers or even desktop machines. A Web interface simplifies assigning approved network resources based on AD users and groups.
ISA Server provides effective and flexible network firewall protection with advanced application layer filtering right out of the box. But you can make a good thing better. Each of the extensions and add-ons discussed in this article can move your ISA Server firewall to the next level of network security.