ISA Server 2004 Configuration Guide 114
Introduction
An ISA Server 2004 client is a machine that connects to a resource by going through the ISA
Server 2004 firewall. In general, the ISA Server 2004 client is located on an Internal or
perimeter network segment and connects to the Internet through the ISA Server 2004 firewall.
There are three ISA Server 2004 client types:
• The SecureNAT client
• The Web Proxy client
• The Firewall client
A SecureNAT client is a machine configured with a default gateway that can route Internet-
bound requests through the ISA Server 2004 firewall. If the SecureNAT client is on a network
directly connected to the ISA Server 2004 firewall, the default gateway of the SecureNAT
client is the IP address of the network interface on the ISA Server 2004 firewall connected to
that segment. If the SecureNAT client is located on a network segment that is remote from the
ISA Server 2004 firewall, the SecureNAT client is configured with an IP address of a router
that routes Internet bound requests through the ISA Server 2004 firewall machine.
A Web Proxy client is a machine whose browser is configured to use the ISA Server 2004
firewall as its Web Proxy server. The Web browser can be configured to use the IP address of
the ISA Server 2004 firewall as its Web Proxy server, or it can be set to use the ISA Server
2004 firewall’s Web Proxy autoconfiguration script. The autoconfiguration script confers a
higher level of flexibility in controlling how Web Proxy clients connect to the Internet. User
names are recorded in the Web Proxy logs when the machine is configured as a Web Proxy
client.
A Firewall client is a machine that has the Firewall client software installed. The Firewall client
software intercepts all Winsock application requests (typically, all TCP and UDP requests)
and forwards them directly to the Firewall service on the ISA Server 2004 firewall. User
names are automatically entered into the Firewall service log when the Firewall client
machine connects to the Internet through the ISA Server 2004 firewall.
The following table summarizes the features provided by each client type.
Table 1: ISA Server 2004 Client Types and Features
Feature SecureNAT client Firewall client Web Proxy client
Installation
Yes, requires some network
configuration changes
Yes
No, requires Web
browser configuration
Operating system
support
Any operating system that
supports TCP/IP
Only Windows
platforms
All platforms, but by way
of a Web application
Protocol support
Application filters for multi-
connection protocols
All Winsock
applications
HTTP, Secure HTTP
(HTTPS), and FTP
User-level
authentication
support
Yes, for VPN clients only Yes Yes
We will discuss the following procedures in this ISA Server 2004 Configuration Guide
document:
• Configuring the ISA Server 2004 SecureNAT client
