| Microsoft Internet Security and Acceleration Server 2004 SDK |
You can use ISA Server to configure a publishing policy, which consists of server publishing rules and Web publishing rules.
Each server publishing rule or Web publishing rule is represented by an FPCPolicyRule object contained in an FPCPolicyRules collection.
Server publishing rules filter all incoming requests to internal servers, such as Simple Mail Transfer Protocol (SMTP) servers, File Transfer Protocol (FTP) servers, Structured Query Language (SQL) servers, and others. Requests may be forwarded downstream to an internal server, located behind the ISA Server computer.
Server publishing rules are used when there is a network address translation (NAT) relationship defined by a network rule (FPCNetworkRule) between the network on which the clients sending requests to the published server are located (the source network) and the network on which the published server is located (the destination network). A server publishing rule uses secure network address translation (SecureNAT), which allows requests that are sent to an IP address that is valid on the source network to reach an IP address on a protected network behind the ISA Server computer. The server publishing rule maps a port number and an IP address (or IP addresses) on the network adapter of the ISA Server computer that listens for requests from the clients to a port number and an IP address on the published server. Requests that meet the conditions specified by the rule are then redirected to the IP address of the published server. However, only requests that are identified as part of the designated protocol are processed by the server publishing rule and redirected to the published server.
When there is a routing relationship defined by a network rule between the client network and the network where a server is located, an access rule can allow the clients to send requests directly to the IP address of a server located on a protected network behind the ISA Server computer.
A Web publishing rule maps published website names to the internal paths of websites and maps DNS names and IP addresses to the internal address of a Web server located behind the ISA Server computer. A Web publishing rule also determines how ISA Server should handle incoming requests for HTTP objects on the published Web server and how ISA Server should respond on behalf of the Web server. Requests are forwarded downstream to the published Web server, or, if possible, they are serviced from the ISA Server cache.
A Web publishing rule defines the response to attempts by outside users to access an internal site. Possible responses include: