I was playing with Microsoft ISA Server 2006 until I realized that by default, client behind ISA Server firewall wouldn’t be able to write/upload to FTP Server. I was a user of ISA Server 2000 (damned slow!), ISA Server 2004 (quite fast), and now 2006 (never tested completely, just installed it).

And the solution is quite simple. You just need to create a FTP firewall policy. I will not discuss how to create a policy in ISA Server (I assume you already know it). Just create a policy like shown below (user group can be modified when necessary).

169_rule.jpg

Then, right click on the rule and click “Configure FTP” as shown below.

169_conf.jpg

Then, final step. Just disable the “Read Only” parameter from the menu (shown below). Voila, all the clients now can have write privilege to the outside FTP Server.

169_rwftp.jpg

Quite easy step, but still it takes few minutes to complete this steps 😉

Is this what we call “secure by default out-of-the-box”?