I’ve been looking at improving the security on some customer networks I already look after today. One customer in particular has several servers on the LAN that are published along with other servers in the DMZ (mail filter etc.) Anyways when I was looking through the firewall rules I realised that more resources on the LAN are published in comparison to the DMZ which is a concern. I’ve been looking at putting an ISA server in to add a extra layer of protection for the published LAN resources however Im trying to get my head around the basic setup of the server. For example I take it the ISA server is configured with an IP address on the LAN and then all the firewall rules are forwarded to the ISA server and then forwarded onto the required server. Is that all that’s needed or is there more to it? Any pointers appreciated!