QSG SE Policy

ISA Server 2006 determines if a packet is allowed to pass through or denied based upon the following rule sets in the following order:

  • Network Rules. You can use ISA Server 2006 to configure network rules, thereby defining and describing a network topology. Network rules determine whether there is a relationship between two network entities, and what type of relationship is defined. Network relationships can be configured as follows:
    • Route. Client requests from the source network are directly relayed to the destination network. The source client address is included in the request.
    • Network address translation (NAT). ISA Server replaces the Internet Protocol (IP) address of the client on the source network with its own IP address.
      When no relationship is configured between networks, ISA Server drops all traffic between the two networks.
  • System Policies. ISA Server 2006 includes a default system policy configuration, which allows use of services commonly required for the network infrastructure to function properly.
  • Firewall Policies. Using ISA Server 2006, you can create a firewall policy, which includes a set of publishing and access rules. These rules, together with the network rule and system policies, determine how clients access resources across networks.

For more information about network rules, system policies, and firewall polices, see the product Help.