Viewing the System Policy
By default, ISA Server 2004 does not allow outbound access to the Internet from any
protected network and it does not allow Internet hosts access the firewall or any networks
protected by the firewall. However, a default firewall System Policy is installed that allows
network management tasks to be completed.
Note:
A protected network is any network defined by the ISA Server 2004 firewall that is not part
of the default External network.
•
Perform the following steps to see the default firewall System Policy:
1. Click Start and point to All Programs. Point to Microsoft ISA Server and click ISA
Server Management.
2. In the Microsoft Internet Security and Acceleration Server 2004 management
console, expand the server node in the scope pane (left pane) and click on the Firewall
Policy node. Right click on the Firewall Policy node, point to View and click Show
System Policy Rules.
3. Click the Show/Hide Console Tree button and then click the Open/Close Task Pane
arrow (the little blue arrow on the left edge of the task pane on the right side of the
console). Notice that the ISA Server 2004 Access Policy represents an ordered list.
Policies are processed from top to bottom, which is a significant departure from how ISA
Server 2000 processed Access Policy. The System Policy represents a default list of
rules controlling access to and from the ISA Server 2004 firewall by default. Note that the
System Policy Rules are ordered above any custom Access Policies you will create, and
therefore are processed before them. Scroll down the list of System Policy Rules. Notice
that the rules are defined by:
ISA Server 2004 Configuration Guide 69
