ISA Server 2004 Best Practices Analyzer Tool V2
Two weeks ago, we released a new version (V2) of the ISA Server 2004 Best Practices Analyzer Tool, which is commonly knowns as the IsaBPA.
What is changed in the new version?
- We added new checks to the IsaBPA. Now we have about 150 rules! We focused especially on authentication and Outlook Web Access checks. We also added SP2 checks, Configuration Storage server (CSS) checks, connection limit checks, and more. Below is a full list of the checks that were added.
- View more settings. The Detailed View Pane contains almost all of the ISA Server settings that can be viewed in the ISA Server 2004 UI. For instance: all policy rules, network rules, networks, alerts, and the list goes on and on… We now display more than 500 settings!
- Pack ISA Diagnostics Tool was added. This tool packs the ISAInfo Report, the IsaBPA Report, and possibly the ISA Server traces into a single cabinet file and places it on the desktop, ready for easy transfer to the ISA Server Support Team in case there is a problem. You can run it from the program menu.
- Bug fixes. We fixed bugs that were found in the last version.
Check |
Error level |
ISA Server configuration is being updated from the Configuration Storage server. |
Warning |
The ISA Server configuration is not up-to-date. |
Warning |
ISA Server cannot connect to the specified Configuration Storage server. |
Error |
The port specified for HTTP redirection is not 80. |
Warning |
The port specified for HTTP redirection in an Outlook Web Access publishing rule is not 80. |
Warning |
The port specified for HTTPS redirection is not 443. |
Warning |
The port specified for HTTPS redirection in an Outlook Web Access publishing rule is not 443. |
Warning |
The port specified for FTP redirection is not 21. |
Warning |
ISA Server does not delegate Basic credentials. |
Warning |
Configured authentication method is never required. |
None |
A Web listener is not listening on the default HTTPS port. |
Warning |
A Web listener is not listening on the default HTTPS port in an Outlook Web Access publishing rule. |
Warning |
An Outlook Web Access publishing rule is listening on an HTTP port. |
BestPractice |
A Web listener is not listening on the default HTTP port. |
Warning |
The rule uses Basic authentication, but the Web server requires NTLM authentication. |
Error |
The rule uses Basic authentication, but the Web server requires Digest authentication. |
Error |
The rule uses Basic authentication, but the Web server requires forms-based authentication. |
Warning |
A Web publishing rule is listening on the External network in a single network adapter scenario. |
Error |
Forms-based authentication is configured on both the rule and on the Web server. |
Error |
The rule uses forms-based authentication, but the Web server requires NTLM authentication. |
Error |
The rule uses forms-based authentication, but the Web server requires Digest authentication. |
Error |
The rule uses NTLM authentication, but the Web server requires Basic authentication. |
Warning |
The rule uses NTLM authentication, but the Web server requires forms-based authentication. |
Warning |
The rule uses NTLM authentication, but the Web server requires Basic authentication. |
Warning |
RADIUS authentication is configured, although no RADIUS servers are specified. |
Warning |
RADIUS authentication is configured, although the RADIUS filter is disabled. |
Error |
The RADIUS server cannot be accessed. |
Warning |
The connection limit is below the default after upgrade from ISA Server 2000. |
Warning |
ISA Server 2004 Service Pack 2 (SP2) is not installed. |
Warning |
The connection limit is below the default. |
Warning |
BITS caching is used in a cache rule other than the Microsoft Update Cache Rule. |
Error |
Getting the new IsaBPA
The IsaBPA is available for download for free and can be found at:
You can also update your old IsaBPA by clicking on the “Update the ISA Server Best Practices Analyzer” link from the IsaBPA itself.
Idan Plonsky, ISA Server Team
Comments
- Anonymous
January 01, 2003
Thanks for the link. Good information on ISA server.