Administration: Concepts

You administer Microsoft Internet Security and Acceleration (ISA) Server 2006 through ISA Server Management. ISA Server Management is a snap-in console in Microsoft Management Console (MMC). There are three primary areas: the console tree (also known as the tree in MMC), the details pane (also known as the results pane in MMC), and the task pane (also known as the Action pane in MMC).

ISA Server Management includes accessibility features that make it more accessible for people with disabilities. For more information, see Accessibility.

To best view ISA Server Management, we recommend that you set your screen resolution to 800x600 or higher.

The figure illustrates the ISA Server Management snap-in console.

The console tree (labeled 1 in the figure) shows the nodes that are available in ISA Server Management. The details pane (labeled 2 in the figure) is the large pane between the console tree and the task pane. The details pane shows information about, and functions pertaining to, the selected tree item. As you click different items in the tree, the information in the details pane changes. The details pane can display many types of information including Web pages, graphics, charts, tables, and columns.

The right pane contains the task pane (labeled 3 in the figure). The task pane can include a Tasks tab and a Help tab. On the Enterprise Policies (for ISA Server 2006 Enterprise Edition) and Firewall Policy nodes, the task pane also includes the Toolbox tab. On the Networks node, the task pane also includes the Templates tab.

You can close the task pane. In the split bar (labeled 4 in the figure), click the Open/Close Task Pane button. (It looks like a tall rectangle with a right-pointing arrow.) To reopen the task pane, click the Open/Close Task Pane button again. (It looks like a tall rectangle with a left-pointing arrow.) Note that closing the task pane allows you to see more of the details pane content, however, some actions are available only from the task pane. Furthermore, with the task pane closed, the Help tab that provides information about how to perform most actions using the task pane links is unavailable.

Each tree node has its own menus and toolbar, separate from those of the main window, that help you perform actions.

To select adjacent rules, click the first rule, and then hold down SHIFT and click the last item.

To select nonadjacent rules, click the first rule, and then hold down CTRL and click additional items.

Many property sheets include an Apply button, which you can click to save the configuration changes to memory. However, changes to the configuration are not actually saved to storage until you click the Apply button on the Apply Changes bar.

The Apply Changes bar appears automatically, whenever you make configuration changes. To apply the changes, click the Apply button on the Apply Changes bar. To discard the changes, click the Discard button on the Apply Changes bar. If you click Discard on the Apply Changes bar, any configuration that had been saved to memory is discarded.

For ISA Server Standard Edition, the changes are saved to the registry.

For ISA Server Enterprise Edition, the changes are saved to the Configuration Storage server. The changes are propagated to the specified Configuration Storage server and then to all the array members, as scheduled on the array properties. For instructions, see Specify a Configuration Storage server for this array (Enterprise Edition).

The Toolbox tab is available only on the Enterprise Policies (for ISA Server Enterprise Edition) and Firewall Policy nodes. It includes a list of rule elements, which can be used in the firewall policy rules: protocol definitions, users, content types, schedules, and network objects.

In the Enterprise Policies (for ISA Server Enterprise Edition) and Firewall Policy details panes, you can edit rules by opening the property sheets for the specific rule. Alternatively, you can drag applicable rule elements from the Toolbox into a rule listed in the details pane, thereby modifying the rule.

ISA Server 2006 Enterprise Edition only

By grouping ISA Server 2006 Enterprise Edition computers into arrays, you can centrally manage network policy for the entire enterprise. You can select a centralized enterprise policy that applies to all arrays in the enterprise or a more flexible policy where each array administrator can define a local policy. The centralized administration can mean greater security. All the administrative tasks can be performed from one computer and the configuration is applied to all, ensuring that all the servers have the same access policies configured. This is particularly useful in large organizations, where arrays can include many ISA Server computers.

For more information about enterprise management see Enterprise Management at ISA Server Guidance (

For more information about ISA Server administration concepts, see Introduction to ISA Server Administration at ISA Server Guidance.