Black Hat USA Training 2006
Caesars Palace Las Vegas • July 29-30 and July 31-August 1

Overview:
Microsoft ISA Server is truly a remarkable firewall application and one of the best security products Microsoft has ever developed. This one-of-a-kind training course led by the industry’s top security professionals will arm attendees with the skills needed to design, deploy, maintain and troubleshoot even the most sophisticated ISA Server infrastructure and DMZ configurations.

This action-packed, two-day immersion into ISA technologies not only gets “under-the-hood” of hot topics like client configuration, server publication, application filtering, advanced logging procedures and troubleshooting techniques, but will also reveal many powerful, real-world DMZ configurations and design concepts you can leverage to deploy deeply secure, robust firewall solutions. We’ll even give you a sneak peak at ISA Server 2006 with excerpts from Jim Harrison’s Tech-Ed session on Securing Wireless Infrastructures with ISA 2006. 

Given the ever-growing popularity of ISA Server, both days of this class are expected to sell out soon—so register while seats are available and while early-bird rates are still in effect.

Who Should Attend:
Anyone who takes part in the process of building, designing, supporting, troubleshooting, or maintaining ISA Server installations will get measurable value out of this class.  Firewall administrators, system engineers, and management consultants alike will benefit from the concepts, techniques, tools, and the technical saturation into ISA that this course provides.

What You Will Learn:
The core skills you will take back with you from this course include:

• Supported ISA Client Types and Configuration Options
  • Web Proxy Clients
  • Firewall Clients
  • SecureNAT Clients
  • SecureNAT Clients in complex networks
  • Supported Authentication Methods
• Getting Started:  Base ISA Installation and Configuration
  • Stand-alone configurations
  • Enterprise Arrays
  • Configuration of Networks and Network Objects
  • Configuration of source and destination networks and their relationship
  • Web Chaining
  • VPN and RRAS
  • Configuring Web Proxy and Firewall Client settings
  • Client Auto-configuration
• Creating Rules and Defining Protocols
  • Application protocol filters
  • Protocol Definitions
  • Creating Access Rules
  • Custom Protocols
  • Authenticating/Restricting by User/Group
• Monitoring and Logging
  • Real-time monitoring
  • Logging options
  • Advanced logging: SQL configuration and DB maintenance
  • Custom log queries
• Troubleshooting and Maintenance
  • Tips and Traps
  • Advanced ISA Scripting
  • Deciphering error messages and codes
• Secure Publishing
  • Server Publishing and built in wizards
    • Secure SMTP Publishing
    • Web Publishing
    • OWA Publishing
  • Server Certificates
  • SSL Tunneling
  • SSL Bridging
  • Configuring Published Services application-level protocol filtering
    • HTTP Filter
    • SMTP Filter
    • DNS Filter
    • FTP Filter
• DMZ Topologies and Deployment
  • Poor Man’s DMZ (multi-segment single ISA configurations)
  • Back-to-Back ISA Server DMZ’s
  • Advanced Network Services Perimeter Network configurations
    • SQL Server in the DMZ
    • OWA in the DMZ
    • DNS in the DMZ
  • ISA Xtreame: Least Privilege Intranet Firewall Segments
    • Server-client segmentation
    • Locking down internal traffic
    • Deploying “least privilege” rules
    • Security in depth segmentation
    • Living With Yourself After the Fact: troubleshooting connectivity issues in least privileged environments
• On the Lighter Side Demos (time permitting)
  • Hammer of “Dog:” Protecting an embedded wireless HTTPD server running on Thor’s wireless ERS7 Robot Dog from malicious attacks
  • Jim Harrison’s “Securing Wireless Topologies with ISA 2006”
    • WEP, WPA, 802.1x
    • Interrelationships between ISA and Certificate Services, RADIUS and Group Policy

What You Should Bring:
This is a “lecture-style” training presentation combined with the advent of “Remote Dog and Pony Show” server access to illustrate real, live, in-production ISA Server configuration currently deployed on the Internet in addition to standard presentation materials. As such, there are no hardware requirements for attendees.  However, we highly recommend that you bring your own wireless capable laptop system pre-configured with XP or Mac OS X with ISA 2004 installed in a virtual machine environment so that you can participate in in-class configurations changes. Internet access will be available, but only once you have proven yourself worthy for us to create the firewall rules needed to let you out. You should come ready to learn, and ready to participate in a typically fast-paced course with an open mind and a willingness to learn. Some level of social skills coupled with a sense of humor is a definite plus.

And don’t forget a zoom lens for the Venus pool during coffee breaks.

Timothy Mullen has been educating and training users in the technology sector since 1983 when he began teaching BASIC and COBOL through a special educational program at the Medical University of South Carolina (while still a high school senior). He then launched his professional career in application development and network integration in 1984. Mullen is now CIO and Chief Software Architect for Anchor Sign, one of the 10 largest sign-system manufacturers in America. Timothy Mullen has developed and implemented Microsoft networking security solutions for institutions like the US Air Force, Microsoft, the US Federal Courts, regional power plants, and international banking/financial institutions. He has developed applications ranging from military aircraft statistics interfaces and biological aqua-culture management to nuclear power-plant effects monitoring for private, government, and military entities. Timothy is currently being granted a patent for the unique architecture of his payroll processing engine used in the AnchorIS accounting solutions suite.

Mullen has been a columnist for Security Focus' Microsoft section, and is a regular contributor of InFocus technical articles. Also known as “Thor,” he is the founder of the "Hammer of God" security co-op group. Mullen’s writings appear in multiple publications such as "Hacker’s Challenge", the "Stealing the Network" series, and in "Windows XP Security". His security tools, techniques and processes have been featured in "Hacking Exposed" and "New Scientist Magazine", as well as in national television newscasts and technology broadcasts.  His pioneering research in “strikeback” technology has been cited in multiple law enforcement and legal forums, including the "International Journal of Communications Law and Policy".

Mullen holds MCSE certifications in all recent Microsoft operating systems, has completed all Microsoft Certified Trainer curriculums and is a Microsoft Certified Partner. He is a member of American Mensa, and has recently been awarded the Microsoft “Most Valuable Professional” (MVP) award in Windows Security for the second straight year. 

Jim Harrison is a 6-year Microsoft veteran with nearly 5 years supporting ISA Server for both internal and external Microsoft customers. He evaluates and designs ISA environments from single-server SBS to 1500-server chained-ISA branch office deployments on a daily basis. Jim comes to Microsoft courtesy of the US Navy where he served for 20 years as an Electronics Technician.