My test network at our Real-World Labs(R) at Syracuse University was straightforward (see "ISA Server Test Network," above right), and I was disappointed to see that I couldn't achieve the kind of access control, including restricting internal users from internal servers, with ISA Server that's possible with other common firewalls. ISA Server is a good fit in networks with modest access-control needs and simple architectures. For more granular access control to servers and services, you'd be better off with a dedicated firewall package.

I also found the real-time monitoring sparse, listing only current sessions and displaying few securityrelated events. ISA Server logs traffic to a set of log files in W3C format or an ISA Server text format; if you don't have a log parser running, these can be difficult to read. Optionally, events can be logged to an ODBC database. A few rudimentary reports can be scheduled to run-showing common statistics such as where traffic is going to or coming from, top talkers, and events-but they're high-level and don't provide the detailed data needed to effectively manage a security device.

ISA FLAVORS

ISA Server is available in both a standard edition and an enterprise edition. The standard edition, at $1,499 per CPU, is a standaloneserver product that doesn't require an Active Directory and supports up to four CPUs; in the case of multiple ISA Server computers, each one is managed individually. The enterprise edition, at $5,999 per...