- Exploring the ISA Server 2004 Management Console
- Configuring Networks with ISA Console Network Wizards and Tools
- Exploring Firewall Policy Settings
- Navigating the Monitoring Node Options
- Working with the Virtual Private Networks Node
- Examining the Cache Node Settings
- Configuring Add-ins
- Exploring the ISA General Node
- Summary
- Best Practices
Examining the Cache Node Settings
The Cache node in the ISA Server console, shown in Figure 3.31, is where content caching can be enabled and configured on an ISA Server. Although not enabled by default in the ISA Console, enabling caching can improve network performance and response time by saving copies of images, text, and other data that clients download from web and FTP sites on the Internet and making them available to the next client that requests information from that particular site.
FIGURE 3.31 Viewing the ISA Console Cache node.
This section contains a high-level description of the settings available in the ISA Server Console under the Cache node. Further information on deploying ISA Server for its content caching capabilities can be found in Chapter 8.
Enabling Caching
It is not immediately evident how to enable caching, in that it is disabled by default when ISA is deployed. Caching is enabled when physical drive space is made available to the caching service. To perform this action, follow these steps:
- Open the ISA Server 2004 Management Console (Start, All Programs, Microsoft ISA Server, ISA Server Management).
- From the console tree, select the Cache node by clicking on it.
- In the Tasks pane, click the link entitled Define Cache Drives (Enable Caching).
- In the Define Cache Drives dialog box, select the drive where the cache will be stored.
- Enter the Maximum cache size in megabytes in the field provided, and click the Set button.
- Click the OK button.
- Click the Apply button that is displayed at the top of the Central Details pane.
When presented with the option to restart the services or not, as shown in Figure 3.32, select Save the Changes and Restart the Services and click OK.
FIGURE 3.32 Enabling caching.
- Click OK when finished.
Understanding Cache Rules
Caching behavior by ISA is made granular and more configurable through the addition of specific caching rules. Each caching rule allows for specific types of content to be processed in different ways, depending on the needs of the administrator.
By default, when caching is enabled, a default cache rule is put into place that caches objects based on default settings. Additional caching rules can be configured by clicking on the Create a Cache Rule link in the Tasks tab. Each rule created can contain the following customizations:
- Source and destination networks
- What types of items are retrieved and stored in the cache
- HTTP caching settings, such as the Time to Live (TTL) of objects retrieved
- File Transfer Protocol (FTP) caching settings
- Secure Sockets Layer (SSL)–specific settings
- Object size limitations
Just as with firewall rules, caching rules are applied in order, from top to bottom, until a match is made. Through the creation of multiple caching rules, fine-grained control over the caching settings of the clients can be achieved.
Examining Content Download Jobs
The final set of options available under the Cache node revolve around the capability of the ISA caching engine to automatically download content based on a defined schedule. This can be useful if specific websites need to be always up to date and quickly available to internal clients.
Content Download Jobs can be enabled and configured via the Content Download Jobs tab in the Central Details pane of the Cache node. When configuring this setting up via the Schedule a Content Download Job link in the Tasks tab, two changes must be made to the configuration. These changes, shown in the dialog box in Figure 3.33, are to allow the Local Host to listen for web proxy requests via a rule, and enabling a special system policy rule. After these settings are automatically configured, specific content download jobs can be created.
FIGURE 3.33 Enabling content download jobs.
Content download jobs can be scheduled weekly, daily, hourly, or only once, as needed. They also can be configured to browse and download the content of only a single URL page on the Internet, or to follow a certain number of links "deep" from the page that is being accessed.