SBS 2003 : Mise a jour de ISA 2000 en ISA 2004 avec le Service Pack 1

Pour ceux qui dispose d'un SBS 2003 en version US la version du SP1 est disponible là :
https://www.microsoft.com/downloads/details.aspx?FamilyId=B6F8A4C0-B707-4161-ADEB-44F1B756119F&displaylang=en

Les nouveautés apportées par ce SP sont nombreuses (plus d’informations sur  https://www.microsoft.com/downloads/details.aspx?FamilyId=B5846A14-F306-41F0-9D1F-97F615E62ADF&displaylang=en) et celle qu’y m’intéresse particulièrement c’est celle concernant les SBS 2003 Premium avec ISA Server 2000 : Le Service Pack 1 de SBS met à jour votre ISA 2000 en ISA 2004 SP1 !!!! :-D

Bien entendu, il est très fortement recommandé de lire les recommandations avant d’exécurter les yeux fermé l’installation du service pack :-) https://go.microsoft.com/fwlink/?LinkId=41392

Extrait :

“ISA Server 2004 with SP1 is Included (Premium Edition Only)

Windows SBS with SP1, Premium Edition, includes ISA Server 2004 with SP1. ISA Server 2004 contains a full-featured, application-layer-aware firewall; virtual private network (VPN); and a Web cache. These features help improve network security and performance. To install ISA Server 2004, insert the Premium Technologies disc, and then click Install Microsoft Internet Security and Acceleration (ISA) Server 2004 on the Setup page. This installation link simplifies the installation and configuration of ISA Server for Windows SBS.

ISA Server 2004 Defaults to a Secure-Network State if the Firewall Service is Not Running (Premium Edition Only)

With ISA Server 2004, all network traffic is blocked at the firewall if the Microsoft Firewall Service is stopped or if it fails to start. As a result, the network, including the client computers on your internal network, cannot communicate with your server.

ISA Server 2004 is more secure than previous versions because it goes into "lockdown mode" to protect your network from intrusion. This is a change from ISA Server 2000, in which all traffic is allowed to pass through the firewall if the Microsoft Firewall Service fails to start.

PINGs From the Internet Are No Longer Passed to the Server

In Windows SBS with SP1, PINGs from the Internet are filtered and are no longer passed to the server. This behavior takes effect the first time you run the Configure E-mail and Internet Connection Wizard. This helps to protect your network from attackers probing for openings into your network.”

La page d’accueil du SP1 de SBS c’est ici :
https://www.microsoft.com/windowsserver2003/sbs/downloads/sp1/default.mspx

La Foire Aux Questions c’est ici :
https://www.microsoft.com/windowsserver2003/sbs/techinfo/overview/generalfaq.mspx