1. Microsoft Internet Security and Acceleration Server: An Overview of Service Pack 1��Vic Singh Shahid & John Morello�Support Engineer�Microsoft Corporation
2. 2
3. 3 About Microsoft ISA Server�Secure, Fast Internet Connectivity
4. 4 Brief Feature List Transparency for all clients and servers
Enterprise policy
Group policy
Schedules
Active Directory integration
Extensible application filters
SMTP filter
Streaming media splitting
H.323 filter and gatekeeper
MMC-based UI
Task pads, wizards
Remote administration
Configuring Exchange Server behind firewall
IIS separation RAM caching
New cache store
Scheduled content download
VPN integration
Intrusion detection
System hardening
NTLM and Kerberos authentication
Dual-hop SSL
Customizable alerts
Logging: W3C format, selectable fields
Integrated reporting
Bandwidth control
New APIs
Modular installation
5. 5 About Service Pack 1 (SP1) SP1 for ISA released one year and two months after ISA
Includes all hotfixes since RTM
Includes approximately 250* other fixes (*250 total issues noted, but only 85 were problems)
Client fixes
Released simultaneously in: English, German, Japanese, French, and Spanish
6. 6 SP1 Installation Same executable for standard and enterprise version
Upgrades RTM version or any combination or pre-SP1 hotfixes
Does not install on evaluation version
Client updates require a reinstallation of the client from the original server location
7. 7 Security Fixes Q295389, "Scripts Can Be Run in the Error Page That Is Returned by ISA Server"
Q289503, "Memory Leak in ISA Server H.323 Gatekeeper Service and Winsock Proxy Service When Decoding Malformed Packets"
8. 8 Stability Related Fixes Q288247, "Access Violation in Mspadmin.exe with ISA Server with Multiple IP Addresses on an External Interface"
Q295279, "Web Proxy Service Crashes If URL Requests a Specifically Malformed Argument"
Q307784, "Server Publishing Rules Intermittently Fail"
Q312640, "DNS or UDP Program Stops Working Through ISA Server"
Q294722, "Proxy Error 502 Is Returned by ISA Server Under Heavy Stress"
Q295090, "Access Violation in W3proxy.exe Because of HTTP VARY Header Proc"
Q290731, "Firewall Service (Wspsrv.exe) Problems with High S-NAT Client Load"
9. 9 Functionality Related Fixes Q291427, "Only the First Web Site Is Returned Using Web Publishing"
Q297080, "Incomplete HTML Pages and Random Authentication Prompts"
Q300707, "Invalid Content-Length Header May Cause Requests to Fail"
Q311777, "How to Enable Translating Client Source Address in Server Publishing"
Q297515, "All Requests from SecureNAT and Firewall Clients Are Denied"
10. 10 Functionality Related Fixes (2) Q301575, "Clients Are Unable to Connect to an FTP Server that Is Published on the Secondary IP Address of ISA Server"
Q301425, "ISA Server Does Not Cache Responses Containing Location Header"
Q304340, "The ISA Server Response to Client Options Requests Is Limited"
Q292018, "Slow Response from Downstream ISA Server Using Web Proxy Chain"
Q313056, "A GET Request After a POST Request Does Not Work If There Is an Extra CRLF in the Content"
11. 11 Functionality Related Fixes (3) Q291000, "External MAPI Clients Cannot Connect with RPC"
Q295089, "You Are Denied Access to a Destination Set When You Use Site and Content Rules"
Q313525, "Proxy-to-Proxy Authentication Does Not Work Between a Downstream ISA Server and an Upstream Proxy 2.0 Server"
Plus: Cosmetic and functional fixes to the user interface to allow for better storage and retrieval of settings and Information
12. 12 Client Fixes Q295388, "Access Violation Occurs in Your Firewall Client When It Is Under a High Load and Is Using WSPAD"
Q303379, "Firewall Client Conflict with Third-Party Layered Service Providers Causes Connectivity Problems"
Q303757, "Proxy Client Conflict with Third-Party Providers Causes Problems"
Q313347, "Automatic Detection Causes the Program to Stop Responding for Several Seconds"
Q312391, "ISA Firewall Client Shows Connection to Server Name Instead of IP Address"
13. 13 Inclusive List of Updates Q313249, "List of Bugs Fixed by Internet Security and Acceleration Server 2000 Service Packs"�http://support.microsoft.com/support/misc/kblookup.asp?id=Q313249
14. 14 Installation ISA Server Service Pack 1 now available at �http://www.microsoft.com/isaserver�/downloads/sp1.asp
15. 15 SP1 Re-Release Important:Microsoft previously recommended thatcustomers who had deployed SP1 on the original release in mid-January, and were not using the SMTP filter, should continue to use SP1. Customers who downloaded and deployed SP1before January 24, 2002 are strongly encouraged to install the most current version of SP1 on all computers running ISA Server over their current version.
To determine which version of SP1 you have installed, look at the build version number. The new build version of SP1 is 1200.166. If you have build version 1200.165, you should apply the new SP1 build over your current SP1.
16. 16 Major Improvements Registry key "UseISAAddressInPublishing" to allow full-NAT with server publishing
Registry key to "AddFrontEndHttpsHeader" to enable SSL Offloading to work with OWA
Adds support for Windows .NET server products
Stability improvements
Functionality improvements
17. 17
