Implementation Of A Secured Enterprise Network Computer Science Essay

Published:

Author has done study how to plan a network to an enterprise. The study is over internet on other people design. On phase 2's objectives author did not put any citation on every sub objective. Author has updated his knowledge of design a network for enterprise from lecturer idea and classmate idea. Author knows using Microsoft Visio to draw his network plan. Author will use Forefront TMG to be his firewall, and windows server 2008 sp2 to be other server and domain controller. When look on author plan it seem like too simply but when go to one step of this plan. Author have plan what enterprise can put any server on the perimeter and other more. Author done this project is concentrate on security and not services.

After author come to second phase is need to design a network and development, and just notice that not easy to done the development and because come in phase 2 author just feel how hard to build a enterprise network. Author have draw a simple diagram that can be done the demonstration that using college computer. Author has cancel the router planning because it is not necessary need in his demonstration plan. When this plan real use on a enterprise they can just add what server they like on DMZ zone. And add more clients to internal site. For enterprise they will add more high-end hardware like core router or core switch to get the performance for enterprise. The design author draw also is not same like what he will design. Like dual firewall he will only run 1 firewall on demonstration for his project, because he is leak time and no enough resource.

Lady using a tablet
Lady using a tablet

Professional

Essay Writers

Lady Using Tablet

Get your grade
or your money back

using our Essay Writing Service!

Essay Writing Service

Author is keep worry for the entire configuration in firewall forefront. This is latest version so sure have some application problem or error will prompt out. Hope he can solve the entire problem. If want to done this project author feel that not easy to do solo for done all in one like done services for enterprise, setup all server that need for enterprise. So author is only focus on security site.

Lastly, author found the site can help is http://technet.microsoft.com is very helpful guild how to configure.

Chapter 4 Network Planning

4.1 Firewall

It can filter the entire incoming and outgoing network. On this firewall author is running windows server 2008 sp2 to support Microsoft Forefront TMG standard. On this latest version of firewall have latest feature like Web Anti-Malware Support, Network Intrusion Prevention. In this firewall author will configure Schedules, configuring protocols, configuring HTTP filtering, configuring global malware inspection settings, enabling intrusion detection of common attacks, configure Intrusion detection of common attacks, protecting against DNS and other attacks and Publishing a single Web site or load balancer over HTTP. Author has design a network that includes dual firewall, for giving this 2 firewall have their roles and protection for enterprise network. On firewall author need a 3 Network card to produce a 3 leg perimeter configuration in Forefront TMG. When go to real enterprise need to add more server on DMZ , it just only need to add a switch and add computer to install server like exchange server, ftp server, file server, database server, e-commerce server and SharePoint server and others. Enterprise can only need to do some rules changes from the dual firewall. If enterprise needs to add two ISP, they can easy to configure load balancing for dual ISP. Still have much more configuration that can be done on Forefront TMG. Microsoft has built an advanced application firewall for enterprise and other. The name for first firewall will name it Outherfirewall. On this Outherfirewall author need 3 network card 1 network card is connect to internet and 2 card is connect to perimeter and last one is connect to internal network. Internet IP address is 192.168.1.88, subnet 255.255.255.0 and gateway is 192.168.1.1. Perimeter address 10.1.44.88 , subnet 255.0.0.0 and gateway is 10.1.44.88. Last is Internal IP address 192.168.8.168, subnet is 255.255.255.0 and gateway is 192.168.8.168.

4.2 Domain Control

In this domain control, author running active directory to management different apartment of enterprise client and different permission, schedule the usage, and can easy monitor what is different apartment client is doing and what services they are running when work. Are worker doing their work. In this domain control author have no focus more to server site because he is only try build a secure enterprise network, in server site still have more configuration on the services for a real enterprise. Like print services, file permission and others. This all will not be focus part on this project. He is only focus on the Group policy to management staff not tries to do malicious activities in organization. Name of this domain control will be name as DC1. And IP address for Staff is 192.168.8.178, subnet 255,255,255,0 and gateway is 192.168.8.1. and another network card is name it Internal . IP address 192.168.3.174, subnet 255.255.255.0, gateway is 192.168.168.3.174. Active directory name will be naming it FinalProject.com.

4.3 Web Server

Lady using a tablet
Lady using a tablet

Comprehensive

Writing Services

Lady Using Tablet

Plagiarism-free
Always on Time

Marked to Standard

Order Now

Author only do a simply website and that using IIS. Configure in Forefront firewall to let internet user to access. Only to test can internet and internal staff can browse or not. IP address 10.1.44.88, subnet is 255.0.0.0 and gateway 10.1.44.88.

4.4 Computer(staff)

Which department of enterprise can have different permission. Author only will configure 2 client, this two client is different from connect to internet or only can connect to internal network and access web site from internal. 192.168.8.30 , subnet 255.255.255.0 and gateway 192.168.8.178. Another client is running 192.168.8.20 , subnet 255.255.255.0 and gateway is 192.168.8.178. On client site author install Steady state from Microsoft. It to prevent internal user malicious files or other will spread in enterprise network.

Summary

Chapter 5 Installing Microsoft Forefront TMG standard firewall

Manual Installation

Install the Forefront TMG 2010, which downloads from official website. The setup downloads from website need to compress, after compress just enter the location where have been compressed. Inside Forefront TMG 2010 folder just double click autorun.exe, Welcome page as shown in Figure 5-1.

In Forefront Threat Management Gateway Enterprise's welcome page contain have 'Before Start' have Deployment Guide and release notes. This two is the link can let administrator to access to website to read and understand.

Figure 5-1 Forefront Threat Management Gateway's Welcome Screen.

The installation can start by click Run Preparation Tool on the Forefront TMG 2010's welcome page. Welcome to the Preparation Tool for Microsoft Forefront Threat Management Gateway (TMG) first step installation, is show in Figure 5-2, click Next button.

Figure 5-2 Step 2 for Forefront TMG firewall's Preparation Tool

Step 3 is forefront TMG License agreement page, is show on figure 5-3, For continue install user need to read the Microsoft Software License Terms, on the checkbox need to tick for confirm the accepted the License Agreement, and click next button.

Figure 5-3 Step 4 for Forefront TMG firewall's License Agreement step

Step 4 is the Setup Scenarios, show in Figure 5-4, there 2 types of choice to let user to decide and they are shot explanation on the 2 choices. After user select with are the suitable option for installation of forefront TMG firewall. Author is choosing Install Forefront TMG Services and Management and click next.

Below explanation is defining the options on Preparation Tool:

Install Forefront TMG Services and Management

This is the option that will install Forefront TMG's features and services will be installed. Management console will installed follow by the services and features.

Install Forefront TMG Management Only

This option only will install services and features that required for remotely manage of forefront TMG firewall.

Figure 5-4 Step 4 for forefront TMG firewall's Setup Scenarios for the Preparation Tool,

Step 5 is the Preparation Tool is start running, as show in Figure 5-5, and verifies Windows installation to check is it fulfills the requirements. If the Windows installation does not fulfill the requirement it will take some steps to build it capable of installing TMG.

Figure 5-5 Step 5 is forefront TMG firewall Preparation Tool is preparing the system

Step 6 is the end of Preparation Tool installation to the system. When it finish it will let user know are this tool is running successful or unsuccessful. From finish Preparing installation it can directly run the TMG setup, user need to select checkbox of Launch Forefront TMG Installation Wizard that will show on the ending of installation for Preparation Tool. This is show in Figure 5-6, and click finish.

Figure 5-6 Step 6 is forefront TMG firewall's Preparation Tool successful completed the installation

Step 7 is the Installation Wizard Progress dialog box appears. Figure 5-7 is show on below. Next is will prompt out another installation dialog box that is Welcome to the Installation Wizard for Forefront TMG, as show in Figure 5-8. Click next.

Figure 5-7 Dialog box for The Installation Wizard progress

Figure 5-8 Welcome step for Forefront TMG installation

Step 8 is to continue the installation users need to read License Term and select I accept the terms in the license agreement, it is show in Figure 5-9. Click next.

Figure 5-9 Step of License agreement for forefront TMG

Lady using a tablet
Lady using a tablet

This Essay is

a Student's Work

Lady Using Tablet

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Examples of our work

Step 9 is Customer Information installation, is show in Figure 5-10, product serial number is the needed for proceed to next installation and the User Name, Organization is ok to leave it blank. Click next.

Figure 5-10 Customer Information of TMG Installation Wizard

Step 10 is Installation Path and can let user to choose location of TMG. Author have only let this location default path, it show at Figure 5-11 and click next. Change button is for let user to easy find the location.

Figure 5-11 decide the installation path for forefront TMG

Step 11 is Define Internal Network is show on Figure 5-12

Figure 5-12 Internal Network of the Installation Wizard

Step 12 is dialog box for Addresses, it is show on Figure 5-13, click Add Adapter.

Step 13 is dialog box for Select Adapters, show in Figure 5-14, Internal network can be select the default internal network adapter. If on Forefront TMG firewall have more than one protected network, do not add other network adapter at this period. Network structure for TMG can be change later. Click OK button to close Selected Adapter dialog box.

Step 14 is dialog box of Addresses that for verify IP address ranges listed march that used by hosts on the default internal network; the entire host is reachable from TMG. If network address is not reachable then the Windows routing table is not configure properly to allow TMG firewall to reach entire hosts in network. If problem of network table is need to solve for continue the installation. After all the setting is done click ok, and the dialog box will closed.

Figure 5-13 This is the dialog box for Addresses

Figure 5-14 This is the dialog box for Select Network Adapters

Figure 5-15 Addresses that are part of the internal network

On Define Internal Network just click next. Figure 5-16 is show.

Figure 5-16 Installation Wizard is show the address range has been added on the Internal Network

Step 15 before enter installation TMG, Installation Wizard will inform that some services is need to stop to done installation. There will list the services that will disable or stopped if found it still running by TMG. Click Next to proceed.

Figure 5-17 Services that will be stop during the installation

Figure 5-18

Step 16 the installation wizard is confirm to Ready to Install the program and just click Install. Figure 5-19.

Figure 5-19 Ready to Install the Program of the TMG installation Wizard

While Installation is progress author have notice:

The Installation Wizard the gear that on dialog box is starting turning and the forefront TMG components have installed. Lightweight Directory Services (LDS) will be change to Configuration Storage Service (CSS) function. Forefront TMG management, services, drivers, and registration of all the filters will be done. Finally, the dialog box for installing progress disappears the Progress state of Core Components will be turn to Additional Components, as show at Figure 5-20, after the Core Components done and it will automatic jump to System Initialization. Show at Figure 5-21.

Figure 5-20 Additional Components is start process

Figure 5-21 System Initialization is start process

Dialog box will automatic disappears and it will promote out the Installation Wizard Completed, as show at Figure 5-22. Click Finish to done installation. If at below the Installation Wizard have a checkbox to Lunch Forefront TMG Management when the wizard closes, this can be the option to choice after ending installation.

Figure 5-22 The Installation Wizard Completed of the Installation Wizard

Summary

In this Chapter, author learned the correct way of install Forefront TMG 2010 in enterprise environment.

Chapter 5.2 Configuring schedules

Author has configured schedules on Microsoft Forefront Threat Management Gateway. Provide schedules that can appoint the access rules when the rule is use.

Step to create a schedule:

In the Forefront TMG Management console tree, click Firewall Policy.

On the Toolbar tab, click Schedules.

On the toolbar beneath Schedules, click New.

In the New Schedule property page, specify settings for the schedule.

http://i.msdn.microsoft.com/Global/Images/clear.gif Step to modifying a schedule:

In the Forefront TMG Management console tree, click Firewall Policy.

On the Toolbox tab, click Schedules.

Click to expand Schedules, and double-click the schedule that want to modify.

On the Schedule tab, select a time slot and then select Active or Inactive.

Summary

Chapter 5.3 Configuring protocols

Author only show the default step for how is the way to create a protocol definition. Step for modify protocol has been show on next before creating a protocol definition.

http://i.msdn.microsoft.com/Global/Images/clear.gif 5.3.1Creating a protocol definition

In the Forefront TMG Management console tree, click Firewall Policy.

On the Toolbar tab, click Network Objects.

On the toolbar beneath Protocol, click New, and then click Protocol.

When the New Protocol Definition Wizard starts, follow the on-screen instructions. (Protocol used in access rules should have the direction specified as outbound. Protocols used in publishing rules should have the direction specified as in bound)

http://i.msdn.microsoft.com/Global/Images/clear.gif 5.3.2 Modifying a protocol definition

In the Forefront TMG Management console tree, click Firewall Policy.

On the Toolbox tab, click Network Objects.

Click to expand Protocol, open the required group, and double-click the protocol.

In the protocol property pages, modify the required settings. ( Predefined protocol cannot modify all properties)

Summary

Chapter 5.4 Configuring HTTP filtering

On this section author is done the step for configuring HTTP filtering. Below is the step how he done this configuration. HTTP filter can be configuring in inbound and outbound access rules to control type of data and HTTP commands that allow crossing the firewall.

The following procedures describe the steps to configure HTTP filtering on an access rule:

5.4.1 Accessing the rule for HTTP filtering

To access the rule on which to configure HTTP filtering

In the Forefront TMG Management console, in the tree, click the Firewall Policy node.

In the details pane, right-click the rule needs to modify, and then click Configure HTTP. The Configure HTTP policy for rule dialog box opens.

Configure HTTP filtering using the instructions in the following procedures.

5.4.2 To configure headers and URL blocking

Click the General tab in the Configure HTTP policy for rule dialog box.

In Maximum headers length (bytes), specify the maximum number of bytes allowed in the URL and HTTP header for an HTTP request before it is blocked.(This setting applies to all rules, so if changes one rule, it will changed in all rules)

Clear Allow any payload length to block requests exceeding the number of bytes specified in Maximum payload length (bytes).

In Maximum URL length (bytes), type the maximum URL length allowed. Requests with URLs exceeding this value will be blocked.

In Maximum query length (bytes), type the maximum query length allowed in a request. Requests with queries exceeding this value will be blocked.

Select Verify normalization to block requests with URLs containing escaped characters after normalization.

Select Block high bit characters to specify that URLs with high-bit characters will be blocked.

Select Block responses containing Windows executable content to specify that responses containing Windows executable content (responses that begin with MZ) will be blocked.

5.4.3 Configuring HTTP methods

HTTP methods are order sent in a request message that to inform an HTTP server of the step to perform on the specify resource. Example of blocking by method would be blocking POST, so that client from internal cannot post data to an external Web page. For a secure network scenario is very useful to implement HTTP method where author want to prevent sensitive information from being posted on a web site.

To configure HTTP methods

Click the Methods tab in the Configure HTTP policy for rule dialog box.

In Specify the action taken for HTTP methods, select the action to be taken for the methods listed. In this step author choose block those listed and allow all others. Microsoft is only recommending that only one method can be chosen. Author choosing this is because can add the method by adding in list. For future enterprise can easy add any action.

To add a method, click Add. In the Method dialog box, type the method that want to add.

To delete an existing method, select the method in the list, and then click Remove.

To edit an existing method, select the method in the list, and then click Edit.

5.4.4 Configuring HTTP extension blocking

Author is chosen allow only those in the list. He chooses this blocking extension for secure configuration for enterprise. Author are publishing a web site, the web site designer or Web server administrator will be able to define a list of extensions that are required for site functionality.

A typical use of extension blocking is to block executable (.exe) files.

5.4.4.1 To configure HTTP extension blocking

Click the Extensions tab in the Configure HTTP policy for rule dialog box.

In Specify the action taken for file extensions, select an action.

Enable Block requests containing ambiguous extensions to block requests with extensions that cannot be determined.

To add an extension, click Add. In the Extension dialog box, type the extension want to add.

To edit an existing extension, select it in the list, and then click Edit.

To delete an existing extension, select it in the list, and then click Remove.

http://i.msdn.microsoft.com/Global/Images/clear.gif 5.4.4.2Configuring header blocking

To configure header blocking

Click the Headers tab in the Configure HTTP policy for rule dialog box.

Click Add to add a header that should be blocked. Then in the Header dialog box, select either Request Headers or Response Headers from Search In, and type in the header name. All headers are allowed, except those that appear in the Allow all headers except the following list.

To edit a header, select it in the list, and then click Edit. To allow a header that is currently on the blocked list, select it, and then click Remove.

In Server Header, specify how the server header will be returned in the response. The server header is a response header that contains information, such as, the name of the server application and software version information; for example, HTTP: Server = Microsoft-IIS/6.0. The possible settings are:

Send original header-The original header will be returned in the response.

Strip header from response-No header will be returned in the response.

Modify header in response-If select this option, in Change to, type the value that will appear in the response. It is recommended that to modify the server header. The value that will appear in the response can be any value, because the server header is rarely used by clients.

In Via Header, specify how the Via header will be forwarded in the request or returned in the response. For a description, see "Maximum query length (bytes)".

The possible settings are:

Send default-The default header will be used.

Modify header in request and response-The Via header will be replaced with a modified header. If select this option, in Change to, type the header that will appear instead of the Via header.

5.4.4.3 Configuring blocked signatures

To configure blocked signatures

Click the Signatures tab in the Configure HTTP policy for rule dialog box.

Click Add to add a blocked signature. Then, in the Signature dialog box, specify the following:

In Search in, specify whether the signature appears in the request URL body or header, or in the response body or header.

In HTTP Header, type the header name, to specified a header type signature.

In Signature, type the signature string. A signature can be any string in a header or body. It is recommended that to choose strings that are specific enough to block only those requests or responses that want to block. For example, if add the letter "a" as a signature, any request or response containing "a" will be blocked. Similarly, including "Mozilla" in a signature would block most Web browsers. A more typical example signature would be User-Agent: adatum-software-abc.

In Byte range, specify From and To values, selected Response Body or Request Body as the signature type. By default, Forefront TMG only inspects the first 100 bytes of the request and response body. Increasing this default value may affect system performance.

Enable or disable signatures using the check boxes next to the signature names. Click Show only enabled search strings to list only enabled signatures.

To modify a blocked signature, select it in the Block content containing these signatures list, and then click Edit.

To allow a blocked signature, select it in the Block content containing these signatures list, and then click Remove.

Summary

5.5 Configuring global malware inspection settings

Configuring global malware settings consists of the following steps:

Enable malware inspection. With this setting enabled, content sent from server to client or provided by access rules is inspected. Malware inspection is not applied to content sent from client to server or provided by Web publishing rules.

Specify destinations exempt from malware inspection.

Specify how inspected content should be blocked.

Indicate how clients should be informed of progress as content is inspected. For a better user experience files are trickled to clients during inspection. As an alternative it can configure specific content types to display progress notifications instead of trickling.

Specify a location for storing files during the inspection process.

Configuring global malware inspection

In the Forefront TMG Management console tree, click the Firewall Policy node, and select the Web Access Policy tab. Under Policy Editing Tasks, click Configure Malware Inspection.

http://i.msdn.microsoft.com/Global/Images/clear.gif To enable global malware inspection

On the General tab, select Enable malware inspection.

5.5.1To specify exemptions

To specify destinations exempt from malware inspection, on the Exceptions tab, click Add. In the Add Network Entities dialog box, click New, and then select the exempted network objects. Specify an entire network, computers or IP addresses, or domain name sets and URL sets. Select domain names; ensure they can be resolved by Domain Name System (DNS).

To modify the default domain set or other exempted network objects, select the appropriate entry, and then click Edit.

To remove the sites from the exemption list, select the appropriate entry, and then click Remove.

5.5.2 To block inspected content

On the Inspection Settings tab, specify whether the malware inspection mechanism should attempt to clean files and what type of content should be blocked. It is recommended that to keep the default settings.

When Attempt to clean infected files is enabled, files that cannot be cleaned are purged. An HTML page is issued to notify the user that the file has been blocked.

The setting Block corrupted files is turned off by default. Turning on this setting may cause a false positive and block files that are not actually harmful.

The setting Block files if archive depth exceeds is designed to block malware that arrives in archives with deep nesting to avoid detection.

The setting Block archive files if unpacked content is larger than is designed to avoid having small archive files decompress to a large size when unpacked.

5.5.3 To configure progression notification

During inspection, files are trickled to clients. Configure specific content types to display progress notifications instead of trickling.

To use progress notifications instead of trickling for some content types, on the Content Delivery tab, select Send progress notifications to clients as files are downloaded and inspected.

To specify the content types for which progress notification applies, click Select Content Types.

In Available Types, select content types to add to the default list, and then click Add. To remove a content type, select it in the Selected Types list, and then click Remove.

Summary

5.6 Enabling intrusion detection of common attacks

http://i.msdn.microsoft.com/Global/Images/clear.gif To enable intrusion detection of common attacks

In the Forefront TMG Management console tree, click Firewall Policy.

On the Tasks tab, click Enable Intrusion Detection.

On the Common Attacks tab, select Enable intrusion detection.

Select one or more of the following:

Windows out-of-band (WinNuke). Select this option when Forefront TMG will generate an event if an out-of-band denial of service attack is attempted against a computer protected by Forefront TMG.

Land. Select this option when Forefront TMG will generate an event if a TCP SYN packet is sent with a spoofed source IP address and port number that matches that of the destination IP address and port number.

Ping of death. Select this option when Forefront TMG will generate an event if an IP fragment is received with more data than the maximum IP packet size.

IP half scan. Select this option when Forefront TMG will generate an event if repeated attempts to connect to a destination computer are made and no corresponding ACK packets are communicated.

UDP bomb. Select this option when Forefront TMG will generate an event if there is an attempt to send an illegal UDP packet. Although an event will be generated when the attack occurs, specifically enable and configure an alert to trigger an action.

Port scan. Select this option when Forefront TMG will generate an event if an attempt is made to count the services running on a computer by probing each port for a response.

When selected Port scan, also specify the following:

Detect after attacks on well-known ports. Type the maximum number of well-known ports that can be scanned before generating an event when a port scan attack is detected. A well-known port is any port in the range from 1 through 2048.

Detect after attacks on ports. Type the maximum number of ports that can be scanned before generating an event when a port scan attack is detected.

Forefront TMG to log all dropped packets, verify that Log dropped packets is selected.

Click OK.

In the details pane, click the Apply button to save and update the configuration, and then click OK.

Summary

5.7 Configure Intrusion Prevention System

To update definitions

In the Forefront TMG Management console tree, click Update Center.

In the details pane, select Intrusion Prevention System.

In the task pane, on the Tasks tab, click Change Update Schedule, and then modify the schedule for obtaining definition updates.

Microsoft Forefront Threat Management Gateway to check for updates to the selected service more than once a day, select Every, and then in the drop-down list, select the time period that Forefront TMG should wait before checking for updates again.

Forefront TMG to check for updates to the selected service once every day, select Daily at, and then in the drop-down list, select the time when Forefront TMG should check for updates. 

Forefront TMG to check for updates to the selected service only on specific days of the week, select On selected days. Select the days of the week on which Forefront TMG should check for updates, and then in the drop-down list, select the time when Forefront TMG should check for updates.

Forefront TMG to automatically check for updates to the selected service, select Never. Do not automatically check for security updates.

Click OK.

It can repeat steps 3 through 5 for the other services.

In the details pane, click Apply to save and update the configuration, and then click OK.

Summary

5.8 Protecting against DNS and other attacks

http://i.msdn.microsoft.com/Global/Images/clear.gif  To enable detection of DNS attacks

In the Forefront TMG Management console tree, click Firewall Policy.

On the Tasks tab, click Configure DNS Attack Detection.

On the DNS Attacks tab, select Enable detection and filtering of DNS attacks.

Select one or more of the following types of suspicious activity:

DNS host name overflow. Select this option if Forefront TMG should check for DNS host name overflow attempts. The DNS Filter intercepts and analyzes DNS traffic destined for the Internal network. DNS host name overflow occurs when a DNS response for a host name exceeds a certain fixed length (255 bytes).

DNS length overflow. Select this option if Forefront TMG should check for DNS length overflow attempts. DNS length overflow occurs when a DNS response for an IP address exceeds a specified length of 4 bytes.

DNS zone transfer. Select this option if Forefront TMG should check for DNS zone transfer attempts. A DNS zone transfer attempt occurs when a client system uses a DNS client application to transfer zones from an internal DNS server.

Click OK.

In the details pane, click the Apply button to save and update the configuration, and then click OK.

Summary

5.9 Publishing a single Web site or load balancer over HTTP

http://i.msdn.microsoft.com/Global/Images/clear.gif  To publish a single Web site or load balancer over HTTP

In the Forefront TMG Management console tree, click Firewall Policy.

In the task pane, click the Toolbox tab.

On the Toolbox tab, click Network Objects, click New, and then select Web Listener to open the New Web Listener Wizard.

Complete the New Web Listener Wizard as outlined in the following table.

In the task pane, click the Tasks tab.

On the Tasks tab, click Publish Web Sites to open the New Web Publishing Rule Wizard.

Complete the New Web Publishing Rule Wizard as outlined in the following table.

In the details pane, click Apply, and then click OK.

Summary

REFERENCES (BACKGROUND READING MATERIALS):

Configure Schedules (online) (cited 2 March 2010). Available from http://technet.microsoft.com/en-us/library/cc995065.aspx

Configure Protocols (online) (cited 3 March 2010). Available from http://technet.microsoft.com/en-us/library/cc995107.aspx

Configuring the intrusion prevention system (online) (cited 5 March 2010). Available from http://technet.microsoft.com/en-us/library/cc995107.aspx

Configuring global malware inspection settings (online) (cited 6 March 2010). Available from http://technet.microsoft.com/en-us/library/cc984430.aspx

Enabling intrusion detection of common attacks (online) (cited 7 March 2010). Available from http://technet.microsoft.com/en-us/library/cc984458.aspx

Protecting against DNS and other attacks (online) (cited 10 March 2010). Available from http://technet.microsoft.com/en-us/library/cc995068.aspx

Protecting against DNS and other attacks (online0 (cited 12 Match 2010). Available from http://technet.microsoft.com/en-us/library/cc995068.aspx

Configuring HTTP filtering (online) (cited 12 March 2010). Available from http://technet.microsoft.com/en-us/library/cc995081.aspx

Publishing a single Web site or load balancer over HTTP (online)(cited 14 March 2010). Available from http://technet.microsoft.com/en-us/library/cc984433.aspx

***END OF REPORT***