For many years ISA did a great job inspecting INbound HTTPS traffic, exposing these connections to its powerful HTTP Security Filter and protecting the published web servers. However, it is not able to inspect OUTbound HTTPS connections natively.
There are some third-party plug-ins available on the market that you can use to extend ISA functionality to inspect these kind of traffic, although, you have to pay for them. On this article we will see how to install and configure SSL Decoder (free add-on) to inspect HTTPS connections on ISA firewall.
What is ISA Server Toolkit?
– Config Viewer: Tool designed for the offline analysis of the Microsoft ISA Server (Forefront TMG) configuration.
– Keywords Finder: Tool designed to analyze Microsoft ISA Server (Forefront TMG) log files in order to find out what keywords users enter in various search engines.
– MDF Viewer: Tool designed to analyze and view Microsoft ISA Server (Forefront TMG) log files stored in the MDF format.
– Pascal Script Studio: Tool designed to create, edit, run and debug administration scripts in the Pascal language.
– Config Backup: Web filter for Microsoft ISA Server (Forefront TMG) designed to automatically back up the ISA Server (Forefront TMG) configuration.
– Response Modifier: Web filter for Microsoft ISA Server (Forefront TMG) designed to automatically replace substrings on returned HTML pages.
– Client Host Name Resolver: Web filter for Microsoft ISA Server (Forefront TMG) designed to automatically resolve client IP addresses into DNS computer names and to automatically add new items to the Computers list of the Microsoft ISA Server (Forefront TMG) console.
– Client User Name Resolver: Web filter for Microsoft ISA Server (Forefront TMG) designed to automatically convert logins into complete usernames with the help of Active Directory.
– URL Normalizer: Web filter for Microsoft ISA Server (Forefront TMG) designed to automatically convert the IP addresses of visited sites into their text representation.
– Advanced Web Routing Rules: Web filter for Microsoft ISA Server (Forefront TMG) designed to redirect the outbound web traffic to various servers and upstream proxy servers depending on certain conditions.
– SSL Decoder: Web filter for Microsoft ISA Server (Forefront TMG) allowing you to peek inside SSL traffic.
– Headers Modifier: Web filter for Microsoft ISA Server (Forefront TMG) that is used to automatically modify web request headers passing through ISA Server (Forefront TMG).
Installation of ISA Server Toolkit
The ISA Toolkit installation is very simple and easy, at time of this writing, the current version is 1.4. After you run the program it will present a Welcome screen, click Next button.
On License Agreement screen click Next
On Choose Components screen we will select only SSL Decoder, since it is the only component we want to install right-now.
Now we will choose to Install all components, because we’re installing it on ISA firewall. Later, you can run the program on your worktation and choose to Install Management Console component to manage ISA Toolkit components from your workstation. The ISA Server Toolkit Management Console, integrates on ISA management console.
The next screen is a warning saying ISA Toolkit will need to restart Microsoft Firewall service in order to complete the installation. Mark the checkbox and click on Next button.
On Choose Install Location screen, we are going to leave the defaults and Click on Install button to start the installation.
After the installation finishes, unmark the checkbox and click on Finish button.
This first part series I showed to you what is ISA Server Toolkit, gave a brief description of all it’s components and how to install it on ISA firewall. The next part of the article we will focus on SSL Decoder component and see how it works.
See you next time!!
Follow me on twitter: http://twitter.com/poliveirasilva