Welcome to Ricky M. Magalhaes' Section

Ricky M. Magalhaes is a security specialist that has worked as a consultant and IT technical specialist for the past 8 years. He has been primarily responsible for implementation and design of Security, network architecture, communications, network infrastructure and Security R&D for many South African organizations that he works with. He is a windows 9x product specialist and has been working with the windows product since version win 3.11. He has also written articles on security for www.windowsecurity.com ; www.ISAserver.org ; www.governmentsecurity.com and many other well known security and technology websites.

Ricky is furthering his knowledge in the IT security arena, specifically leaning towards internet security and forensics. Ricky’s ISA sever skills are evident and he does various ISA talks nationally around South Africa on Microsoft’s behalf as well as security talks and seminars. Ricky Magalhaes has been personally thanked by Bill Gates for his involvement in solving ISA related complexity. He deals with: Governmental entities, City municipalities, aero space entities, Auditors, Law firms etc…

A word from the Author:

My recommendation would be for you to install the product try to break it and fix it put it through its paces; this is one of the best ways to learn about it. Analyze the logs and look in event viewer. Most of the problems are logged in the event viewer.

My next recommendation would be to ask the experts, do not be proud, rather ask and know than not to ask and never know. Pride comes after being humble. Keep testing and finding out about the product in this way you will find out pertinent information that will make your solutions successful.

Ricky M. Magalhaes

Ricky M. Magalhaes' Latest Contributions

Creating Networks with ISA 2004 (Part 2): Date - Jul 13, 2006; Section - Tutorials / Configuration - General; In part one of this article series we focused on network creation and network relationships. In this article we will focus on advanced network design and network flow within ISA 2004.
Creating Networks with ISA 2004 (Part 1): Date - Jun 29, 2006; Section - Tutorials / Configuration - General; In this article we will focus on network creation and network relationships within ISA 2004.
Optimizing ISA 2004 caching (Part 2): Date - Jun 15, 2006; Section - Tutorials / Configuration - General; In the second part of this article we will cover additional optimization techniques that can be used.
Optimizing ISA 2004 caching (Part 1): Date - Jun 01, 2006; Section - Tutorials / Configuration - General; This two part article will serve as an informative map on ISA 2004 caching and as a guide on the optimization of the ISA Server 2004 cache.
Optimizing ISA performance (Part Two) - Performance Tweaking: Date - May 11, 2006; Section - Tutorials / Configuration - General; This article is a continuation of the first 9 step article titled Optimizing ISA performance (part one).
Optimizing ISA performance (Part One) - Nine Basic Steps: Date - Apr 20, 2006; Section - Tutorials / Configuration - General; In this article we will cover several methods that can be used to improve the performance of Microsoft ISA Server 2004.
Hardening ISA Server 2004 (Part 2): Date - Mar 16, 2006; Section - Tutorials / Configuration - Security; This series consist of two articles whereby I will cover the hardening of your ISA 2004 server, in this article I will cover auditing of the firewall and how to go about checking things that need to be done.
Hardening ISA Server 2004 (Part 1): Date - Mar 09, 2006; Section - Tutorials / Configuration - Security; This series consists of two articles whereby I will cover the hardening of your ISA 2004 server. This part of your firewall procedure is extremely important and often overlooked by many. Firewalls inherently are set up to be secure but there are certain procedures that make them a lot more secure. These articles will cover some of the important considerations.
Understanding ISA 2004 Monitoring (Part 2): Date - Feb 09, 2006; Section - Tutorials / Configuration - General; In part two of this monitoring series, we will cover information pertaining to sessions and the monitoring of the sessions using the sessions tab in the monitoring component. We will also cover the services tab and go through an easy way of starting and monitoring the ISA 2004 services in one of the ISA 2004 tabs. In addition to this, we will cover the connectivity tab and most importantly the logging tab.
Understanding ISA 2004 Monitoring (Part 1) - The Dashboard and Beyond: Date - Feb 02, 2006; Section - Tutorials / Configuration - General; Many organizations have the basic requirement of being proactive, and have taken the measurement approach when identifying if the IT/IS investment in their information technology assets are being maximized. The only true way of measuring and managing this resource is by monitoring the resource closely and reporting on the resource on a continuous basis. Security assets that are critical to the business are often installed and forgotten and this is why it is recommended that a strong understanding of the monitoring process of ISA 2004 is fundamental to its management.
Editing the ISA Server 2004 System Policy (Part 2): Date - Mar 10, 2005; Section - Tutorials / Configuration - General; In this two part article I will cover the default settings of the ISA 2004 System policy and how these can be manipulated to enable ISA to interact differently with other networked resources. The ISA system policy editor is one way of configuring ISA in a secure way and in also making changes that can un-secure ISA. This is why the security professional must understand the permutations of the system policy tool.
Editing the ISA server 2004 System Policy (Part 1): Date - Nov 23, 2004; Section - Tutorials / Configuration - General; In this two part article I will cover the default settings of the ISA 2004 System policy and how these can be manipulated to enable ISA to interact differently with other networked resources.
Publishing a TCP/IP Printer behind ISA Server: Date - Nov 03, 2004; Section - Tutorials / Publishing; In this tutorial I will outline and highlight the importance of being able to print from the internet to a published printer, which is available to you no matter where you are in the world.
Using ISA server to publish VNC for remote control from the Internet: Date - Oct 21, 2004; Section - Tutorials / Publishing; In this tutorial I will cover how to publish VNC using ISA server so that you will able to administer both ISA server and your network form the internet. It may be important for most organizations, that you the ISA administrator always have access to the ISA sever or and the network for administration purposes. It could happen that you are going on leave and your counterpart or colleague is having difficulty making a change on the ISA server or on one of the servers on your network.
Configure ISA to enable a DNS intrusion detection filter: Date - Sep 29, 2004; Section - Tutorials / Configuration - General; This article will focus on the capabilities of ISA when enabling intrusion detection and the importance thereof.
Opening MSN through ISA server: Date - Sep 23, 2004; Section - Articles; In this tutorial I will show you how to open ISA up so that MSN can pass through it and so that you can communicate with other MSN clients on the internet. Please bear in mind that MSN should not be opened up if there is any chance of abuse that can take place, whilst using it you can potentially put your organization at risk.
Configuring DHCP and DNS for ISA automatic discovery: Date - Sep 15, 2004; Section - Tutorials / Configuration - General; In this tutorial I will highlight the advantages of having automatic configuration of your ISA web proxy and firewall clients. In a rollout of more than 50 clients this can prove as an incredible time saver helping you to roll out as soon as a user logs into a machine that has internet explorer already preinstalled.
Understanding and Configuring ISA content groups: Date - Oct 29, 2002; Section - Tutorials / Configuration - General; In this tutorial I focus on Content groups and how they function. I will also show you how to configure content groups. This will enable you to restrict certain objects on the internet specific to webpage’s that you might want to limit either for security reasons or bandwidth limitations that your organization may have.
Understanding SSL bridging and tunneling within ISA: Date - Oct 23, 2002; Section - Tutorials / Configuration - Security; In this tutorial I will explain ISA’s SSL (Secure Socket Layer) bridging capabilities and features to give you a better understanding of this feature so that you can use it to strengthen your ISA infrastructure within your Networking environment.
Using ISA Content Groups to Restrict the Use of Non Business Related Traffic: Date - Oct 14, 2002; Section - Tutorials / Configuration - General; Ensure that your bandwidth is used efficiently. This tutorial will show you how to configure ISA Server's content groups to streamline and enforce your bandwidth policies, giving you the control that you may require.
Using ISA dial on demand for Internet connections.: Date - Oct 01, 2002; Section - Tutorials / Configuration - General; This tutorial will cover the outline about using ISA dial-on-demand, reasons and various scenarios where dial-on-demand ISA technology can be used. I will also show you how to set alerts to ensure that this technology does not fail you or your organization. In mission critical environments where internet is a vital resource it may prove necessary to utilize this untapped ISA feature.
Creating an alert that informs you that when your ISA service is not responding.: Date - Sep 16, 2002; Section - Tutorials / Configuration - General; In this tutorial I will go about showing you how to configure an ISA built in alert, which informs you about one or all of your ISA server services that have failed. Some people purchase extra 3rd party software that monitors your ISA server services, and informs you when the service goes down or is unavailable.
Custom error pages within ISA: Date - Sep 09, 2002; Section - Tutorials / Configuration - General; In this tutorial I will cover how you can go about creating and editing custom error messages specific to your organization, from messages that are stored within ISA by default.
Regulating Access to websites using Schedules and Site and content rules.: Date - Aug 07, 2002; Section - Tutorials / Configuration - General; In this tutorial I will show how to regulate access to a specific website during specific hours using site and content rules leveraging on schedules.
Using ISA to block specific domain names from emailing your organization.: Date - Jul 18, 2002; Section - Tutorials / Configuration - General; In this tutorial I will cover how to use ISA to block specific domains from being able to mail people within your organization. All of us hate spam even after the initial hype of all the fancy chain letters and promotional goods after a while it gets a bit much. Many users within the organization get spam and get very frustrated when receiving spam.
Using ISA to force SSL connections to published websites: Date - Jul 03, 2002; Section - Tutorials / Publishing; When managment tells you that you need to secure the trafic sent to and from your published websites what do you do? Use SSL
Troubleshooting ISA authentication issues: Date - Jul 01, 2002; Section - Tutorials / General Guides and Articles; When push comes to shove you need to sort out authentication problems quickly and without hesitation. This tutorial will help you do this.
Basic visual Monitoring using ISA MMC: Date - Jun 11, 2002; Section - Tutorials / General Guides and Articles; This new Tutorial will cover using the built in features of ISA to monitor connections, services, publishing and other aspects of ISA
Understanding ISA Firewall, H.323 and packet filter Performance counter.: Date - Apr 17, 2002; Section - Tutorials / Configuration - General; It is always a good idea to check that all of your ISA services are running after a server restart or when the peak hours are in progress. Make sure that you can access local sites and web based applications quickly using the Firewall client without any errors. If this is so then you will not need to go any further because everything is working.
Understanding ISA Web Proxy service Performance counters.: Date - Apr 05, 2002; Section - Tutorials / Configuration - General; In this tutorial I will cover a theoretical overview of the importance of why you need to monitor your ISA servers. I will highlight the Web Proxy service counters available and mention some political strategy on dealing with users that abuse the system. Further down I will also outline what counters that I will cover in the following tutorials. I will cover how best to read these counters in the next tutorial. I will describe what use the counters have to you as the IT professional tasked with the responsibly of the upkeep of your organizations ISA server.
Tutorial C of ISA Server exam 70-227 typical type questions and examples and Exam Cram.: Date - Mar 27, 2002; Section - Tutorials / Configuration - General; This is not a brain dump and you will not find these exact questions in the exam. The questions here are similar type questions and have content and the information similar to what you have to learn in order to pass the question I have done this to protect the integrity of the exam and those who have worked hard to pass the exam. However if you read the tutorials carefully you will pass the exam but you could have learnt the relevant information to do your job in the real world also. When I say ‘learn to do this’ the required information can be found within ISA server itself, in other Authors tutorials at www.isaserver.org and in this tutorial. Read carefully.
Exam 70-227 tutorial A: Date - Mar 14, 2002; Section - Tutorials / Certification; There are 55 Questions in this exam and the exam is form based that means you fill in the form like filling in a survey on the Internet. To pass this exam you need to get 720/1000 and you have 160 minutes to do the exam in. Use as much of this time as you can that’s why they give you the time.
ISA Server exam 70-227 typical type questions and examples. Tutorial B of Exam 70-227.: Date - Mar 14, 2002; Section - Tutorials / Certification; This is not a brain dump and you will not find these exact questions in the exam. The questions here are similar type questions and have content and the information similar to what you have to learn in order to pass the question. I have done this to protect the integrity of the exam and those who have worked hard to pass the exam. However if you read the tutorials carefully you will pass the exam but you would have learnt the relevant information to do your job in the real world also. When I say ‘learn to do this’ the required information can be found within ISA server itself, in other Authors tutorials at www.isaserver.org and in this tutorial. Read carefully.
Configuring ISA outbound web listener.: Date - Feb 27, 2002; Section - Tutorials / Configuration - General; In this tutorial I will show you why it is sometimes useful to change the out going web listener, and where you can change it. A listener is a port on the ISA server that is listening for TCP (transmission control protocol) connections. ISA server is configured by default to listen on port 8080 but most of the organizations I have dealt with are upgrading from either Microsoft Proxy or from another type of Fire walling product and they have quite a few web proxy clients that have a hard coded proxy setting within their Internet explorer browser.
Using routing rules.: Date - Feb 04, 2002; Section - Tutorials / Configuration - General; Routing rules are part of the Network Configuration module of ISA and enable you perform various operations described below when configured correctly. This type of tool is very useful in the majority of organizations, especially when you need specific URL’s or web requests redirected to an upstream ISA server or to a server in a different physical location, this maybe at one of your company branches which may lie closer to the web resource, speeding up internet access.
Understanding protocol rules.: Date - Jan 25, 2002; Section - Tutorials / Configuration - General; Protocol rules identify which protocols may be utilized for communication, between the internal network and external public domain or Internet. Protocol rules are processed at the application level of the OSI model. Protocol rules dictate to ISA clients which protocols can be utilized to access resources on the Internet. Protocol rules can be configured to allow or deny the use of one or more protocol definitions.
Understanding Site and content rules.: Date - Jan 16, 2002; Section - Tutorials / Configuration - General; Site and content rules are an integral part of ISA server, and require a good understanding in order to configure ISA server to perform the functions described below. These rules are a very powerful part of ISA and mastering them will help you to get the results required by your organization.
Making streaming media available to internal ISA clients.: Date - Jan 03, 2002; Section - Tutorials / Configuration - General; The streaming media filter enables secure network address translation (Secure NAT) and ISA Firewall clients to use streaming media protocols to access media streaming resources on the internet. In this tutorial I will outline what is involved in making streaming media filter available to internal ISA clients.
Configuring live stream splitting for streaming application filters.: Date - Dec 21, 2001; Section - Tutorials / Configuration - General; In this tutorial it will be shown how to configure live media steam splitting, this configuration is useful when many people in your organization are using the internet to stream media from the same source.
Configuring authentication methods for ISA: Date - Dec 19, 2001; Section - Tutorials / Configuration - Security; It is important to have some sort of authentication method when using clients to access a resource through ISA, not doing so could result in unauthorized access to resources in or outside of your network. ISA has various methods of authenticating clients, I have discussed this in a previous tutorial (Understanding ISA’s different Authentication types). I will tutor you on how to configure various authentication types best suited for your ISA server. While showing you in five easy steps, how to configure the various authentication types, I will not go into too much detail on each authentication type. For more comprehensive on authentication types information please refer to my previous tutorial (Understanding ISA’s different Authentication types).
Understanding ISA’s different Authentication types.: Date - Dec 03, 2001; Section - Tutorials / General Guides and Articles; It is important to understand the types of authentication that ISA can use to validate with other servers and applications. This tutorial will outline the authentication methods, but will not focus on the configuration of each. Look out for other tutorials in my section on the configuration side of Authentication. Please note that all of the tests are performed using IE5.5 browsers and above, some browsers do not support other authentication types other than basic authentication.
Understanding how ISA server clients use DNS.: Date - Dec 03, 2001; Section - Tutorials / General Guides and Articles; This tutorial will outline and reveal how the ISA server clients achieve DNS resolution. It will give you a better understanding on how each ISA server client interoperates with ISA server’s DNS or with the DNS servers directly, and will also assist you in choosing the correct client for the job. There are advantages and disadvantages in using each client I will highlight these and also propose a work around solution where there are downfalls.
Manually installing the ISA firewall client.: Date - Nov 28, 2001; Section - Tutorials / Configuration - General; The main reason that the firewall client is beneficial to an organization is that user or group access control can be used. Secure NAT does not allow this. The firewall logging is also more detailed, and you are also able to see which users are visiting which internet resources. The downfalls of the firewall client are that the software has to be installed on each machine that needs to become a firewall client and that the software is only Microsoft 9X and above compliant. Firewall clients only support TCP & UDP protocols.
Understanding and installing ISA Firewall Clients: Date - Nov 02, 2001; Section - Tutorials / Configuration - Security; This tutorial was made to enable you to understand why a firewall client is used and also to understand it’s limitations and advantages over other ISA clients. Please NOTE: this tutorial is not here to describe how to configure the firewall client in detail.
Understanding ISA’s Services.: Date - Oct 18, 2001; Section - Tutorials / General Guides and Articles; As a fundamental part of ISA it is crucial that you as an administrator understand the principles of how the ISA services work with each other, and how they interoperate with the clients that attach to them. I have drawn up a diagram and written about how these services interact with each other to give you a better understanding of how these services function within ISA.
Configuring alerts to notify the administrator through email: Date - Oct 18, 2001; Section - Tutorials / Configuration - Security; As part of monitoring, it is vital that you get alerted when there is an intrusion or an attack taking place on your network. ISA has methods of identifying when an attack is attempted or taking place on your network. ISA Server compares network traffic and log entries to well-known attack methods that are used by hackers. ISA also has the capability of taking actions when these attacks are taking place.
Denying access to a specific webpage(s) using Site and Content rules.: Date - Sep 26, 2001; Section - Tutorials / Configuration - General; This tutorial will show you how to deny access to a specific website using Site and content rules.