Book Review - Tom Shinders ISA Server 2004

Networking/Security Forums -> News // Columns // Articles

Author: zeedoLocation: Scotland PostPosted: Sat Mar 04, 2006 2:04 pm    Post subject: Book Review - Tom Shinders ISA Server 2004
Tom Shinders ISA Server 2004

Author(s): Tom and Debra Shinder
Publisher: Syngress
Date Published: September 2005
Book Specifications: Softcover, 1022 pages
Category: Firewalls
Publisher's Suggested User Level: Not Rated
Reviewer's Recommended User Level: Intermediate to Advanced
Suggested Publisher Price: $49.95 US / $72.95 CAN
ISBN: 1-931836-19-1 Tom Shinders ISA Server 2004 UK Tom Shinders ISA Server 2004 US

Blurb from back cover:

Go under the Hood of ISA Server 2004
Get inside the Application Layer Filtering (ALF), VPN quarantine, and SSL Bridging.

Create a Supportive Infrastructure
Support the ISA Server 2004 firewall and the clients for DHCP, WINS, DNS, and RADIUS

Automate Client Provisioning
Reduce administrative overhead by automating the Web proxy and firewall client configurations.

Troubleshoot Upgrade Issues
Get it right the first time including ISA Server 2000 and Microsoft Proxy Server 2.0 upgrades.

Control Access through the firewall
Create policy elements in advance, and use the Access Rule Toolset.

Publish to all Major Internet Protocols
Covers HTTPS, FTP, NNTP SMTP, POP3, IMAP4, VNC, pc Anywhere and Terminal Services

Control VPN Clients
Configure Exchange Server access to allow only full Outlook MAPI client access


I'm a big fan of ISA, it's one of the better offerings that Microsoft has and ISA has an impeccable security record. It's powerful software and it is very easy to use, I do have a few niggles here and there with the software itself but it's something I do use personally and professionally. Tom Shinder has long been known as one of the leading experts on ISA server and his books are almost considered the official documentation on the topic. Teaming up with Debra, his wife and fellow MVP they deliver a fantastic breakdown of pretty much everything you could ever want to do with ISA. This book really does cover the breadth and depth of the subject. Since the authors really do have real world experience of using the product day in day out, they can really bring insight from the field which is very important when using a product. Vendor documentation is great to have but nothing compares to experience in the trenches when giving advice and tutorial on setting up such an important piece of your network infrastructure.

Chapter Synopsis & Review Comments

The book consists of 12 absolutely packed chapters, covering everything from setting up VPN's to tweaking application filters.

Chapter 1, begins with the basics – where ISA came from, why you might need it and a look at firewall functionality.

Chapter 2, takes us into the features available in ISA Server and talks about the changes in the latest version.

Chapter 3, Gives some independent comparison of ISA and other products on the market – very important in the decision making process.

Chapter 4, focuses on network infrastructure and where and how you may want to deploy ISA

Chapter 5, We look at client preparation and configuration with ISA and various automated processes

Chapter 6, Gives some quick start information and takes us through the installation (yes chapter 6 and we are just ready to install ! very thorough book)

Chapter 7, We start to look at the firewall policy, one of the basics building blocks of our firewall implementation.

Chapter 8, The all important publishing of service, with detailed and informative advice on how to manage servers for providing mail and web services.

Chapter 9, A very good and easy to follow guide on VPN configuration with ISA

Chapter 10, Application Layer Filtering, One of ISAs best features and easily the books best chapter.

Chapter 11, A look at the caching of ISA and how it can be used to enhance network performance.

Chapter 12, Monitoring, Logging and Reporting good advice and guidance on how to manage and configure reporting from the server. Without this help you can quite easily find ISA's reporting options lacking.

The book is laid out excellently, I wouldn't have picked any other format or chapter layout, it seems to flow perfectly. However I don't believe we need 6 chapters of background information before ISA can be installed, I think the book is slightly overboard on unnecessary information, but nonetheless still quite helpful if you need basic background concepts covered. It can be dry reading as you anticipate getting your hands dirty with the guts of ISA. I'd have liked to see the first few chapters cut a bit. The remaining “guts of ISA” chapters were entirely different and got right to the real world problem of setting up and using ISA in your environment. the real world experience of the authors is obvious as they talk quite frankly about the problems you face and how to overcome them. This sort of insight is why you buy a book and don't just rely on the manual and you get your money's worth here.

Style and Detail

The mostly tutorial, sometimes anecdotal style of the book makes it much easier to read than a manual, even though this book does have all the feel of an official manual. I can't think of anything lacking from the book, every feature of ISA has been covered extremely well with a real focus on getting the job done rather than just documenting every feature indiscriminately. Which is why you see full chapters devoted to the VPN and Application Layer filtering, with detailed walkthroughs and explanations. Some of the tutorials are extremely detailed with enough screenshots to show you what is going on without it feeling like the book is just being padded with images of no real value to the reader.


When discussing books with anyone, this book is constantly referred to as “The ISA book”, partly because of its cumbersome title but mostly because it is all you would need to install, configure and support an ISA installation and it covers much of the content required for any ISA exams. The most valuable asset the book has is its authors experience. When deploying something like ISA which is likely to be protecting your businesses assets it's important to have a good background knowledge of the product and have your own or someone else's experience to fall back on and ensure you miss the pitfalls. This book helps fulfil that quite nicely, I'd recommend this book to anyone planning to work with ISA in anyway. Very little to complain about with this book and no serious flaws other than a few overly verbose few chapters.

This book receives an honoured SFDC Rating of 8/10.

Keywords: shinder isa server 2004 proxy firewall

This review is copyright 2005 by Barrie Dempster and Security-Forums Dot Com, and may not be reproduced in any form in any media without the express permission of Barrie Dempster, or Security-Forums Dot Com.

Author: jmcbeeLocation: Honolulu PostPosted: Thu Sep 07, 2006 9:54 pm    Post subject:
Very Happy You must be one heck of a hard person to please. I looked at the rating (8 / 10) and wondered what was wrong with the book (I have it and love it!). Your review essentially gushed about how good the book was, how well it was laid out, and the easy-to-read style in which the book was written. Yet, I saw nothing to indicate why you gave it an 8 instead of a 9 or a 10.

Author: AdamVLocation: Leeds, UK PostPosted: Fri Sep 08, 2006 1:42 am    Post subject:
In fairness to zeedo, all reviews on SFDC are subject to peer review by all the SFDC reviewers before being posted 'live' so to speak.

The score given is often a topic for debate, but the reviewer's personal feeling for the book is the final arbiter.
A 10 would imply (in my view) that no better book on the subject could ever be written by mortal man, 9 is hard to get, 8 is great but could be better in some way, etc.

Our ratings start at 0, right through to 10, unlike some sites which seem to rate things somewhere between 7 and 10 every time, which does not help me make a buying decision ("this book is awful and misses our half the subject" = 7 ? Rolling Eyes )

Author: Tom BairLocation: Portland, Oregon USA PostPosted: Fri Sep 08, 2006 10:08 am    Post subject:
Another way to think of the SFDC rating system is:

Most average College text books would rate a 5.

The Bible, Koran, etc. get a 10.

Apply that to Computer Technology and you'll better understand our rating system. Smile

Author: zeedoLocation: Scotland PostPosted: Fri Sep 08, 2006 11:43 am    Post subject:
jmcbee wrote:
Very Happy You must be one heck of a hard person to please.

I've read and written enough books to be able to make an honest judgement. The books I've reviewed on here have ranged from 4-9 in points. I chose the books I want to review, mostly, so they should all be decent as I don't want to read a crap book.

jmcbee wrote:

I looked at the rating (8 / 10) and wondered what was wrong with the book (I have it and love it!).

Nothing was glaringly wrong with it, but that doesn't mean it was entirely perfect. Each reviewer has their own system for giving points and I don't start at 10 and then take points off for errors. I start at 0 and add points for doing things well and take them away for doing things badly. In the case of this book, it did enough things well to get an 8 but not enough to get a 10. A book really has to be 1st rate to get a 10. It's better than the ISA documentation, that's for sure. However it's not a first rate book by any stretch.

jmcbee wrote:

Your review essentially gushed about how good the book was, how well it was laid out, and the easy-to-read style in which the book was written. Yet, I saw nothing to indicate why you gave it an 8 instead of a 9 or a 10.

It was rated quite fairly, the book is an 8. There are 10 numbers in the scale we use so if a book is 1-3 it's not worth buying 4-7 it's probably OK for some purpose, 8 is good at what it's focus is, 9 is fantastic and like Tom said above, 10 is nothing short of pure excellence. My review said the book was good and therefore deserved an 8.

You'll also notice that in Amazons system where they use a 5 point system the book scores a 4. In a 10 point system that would probably equate to an 8. The average score given to the book by myself and 17 others is therefore an 8.

Reviews are opinion peices, in this case my review and my opinion. The most constructive thing to do in your case would be to publish a review that detailed the score you would give the book and why it scored so well. If you do so on Amazon you may affect the average and increase the books score.

Networking/Security Forums -> News // Columns // Articles

output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Page 1 of 1

Powered by phpBB 2.0.x © 2001 phpBB Group