TheÂ MCSE Microsoft Internet Security and Acceleration Server 2000 Training Kit is a strange book. Most serious MCSA students will absolutely, no questions asked,Â need this book to pass the exam… but you wouldn’t want to read it. That being said, the CD-ROM has something that’s key for MCSE and MCSA students–a 120-day trial edition of the ISA software itself. Considering that the ISA software costs $1,500, buying this book to install that software legally and fool around with it at your leisure is a net savings of $1,440.
The book itself is a step backwards from Microsoft’s usually excellent beginners’ series, and is neither fish nor fowl–it doesn’t offer the gentle introduction to the basic concepts that most Microsoft training kits do, and yet it contains a howling vacuum when it comes to real-life examples. What’s left is a book that outlines each of ISA’s functions in loving detail, without ever telling you why you would want to use any of them.
Let’s give a real-life instruction from the book to explain what we mean:
On the Cache tab, select one of the following options contained in the Cache Content section:
- If you want all content to be cached, select the All Content, Including Dynamic Content, Will Be Cached radio button.
- If you want content to be cached only if source and request headers indicate to cache, select the If Source and Request Headers Indicate to Cache, Then the Object Will Be Cached radio button.
- If retrieved objects should not be cached, select the No Content Will Ever Be Cached radio button.
See what’s missing? At no point does this book actually say what the drawbacks or advantages of caching dynamic contentÂ are.
Why would you want to do it? When would it be a bad idea? What are the real-world differences between caching dynamic content and caching only the content that the headers indicate should be cached–and what option do most system admins choose? From this book alone, you’d have no idea. And this is a constant problem throughout the book. You’re told what ISA can do without being told the reasons behind the options, or even a hint as to what the best option usually is.
Admittedly, most Microsoft training kits are notoriously bad when it comes to actually preparing you for what you’ll face on the exam–their sample questions aren’t even in the standard multiple-choice MCSE/MCSA format, for gosh sake–but theyÂ do excel at providing basic introductions for novices and are excellent refresher courses, making them perhaps the best starting points in the business for any serious certification student. This book, on the other hand, is more of a documentation of the ISA application itself–it tells you quite clearly what ISA does. The book discusses the attacks that Microsoft can automatically detect, but doesn’t tell you what to look for in the logs, nor what common approaches hackers take, or even what toÂ do when you’re under a Denial of Service attack.
Which is not to say that you can’t learn anything from the book–it actually has more content than many other training kits. However, it does mean that if you haven’t used ISA server in the real world until now, you’ll know exactly how to specify a locally bound TCP port, list, or range in the Firewall Client Applications setting.