I want to use ISA Server 2006 as a Frontend Security Gateway that authenticates the User, using a custom authentication mechanism. The custom authentication mechanism is implemented using a custom ISA Filter that intercepts the HTTP request received by the ISA Server.
Using Custom ISA Filters on the ISA Server is a matter of configuration. However, as it is possible to configure, it is possible to turn it off as well.
My question is then: How do I install my custom ISA filter on the ISA Server 2006, in a way so it cannot be disabled through a configuration setting? My thoughts of a solution are going in the diretions of a custom installation or a hardware solution. Is it possible to make a Custom ISA Filter a part of the ISA Server Software Installation so it cannot be turned off through configuration, unless you re-installe the ISA Server?
No, I have high trust in our Admins. Nevertheless, various security analysis papers remark that threats from inside organisations are to be taken serious, just as well as external threats.
My biggest concern is external threats from the Internet. I would like to say something about the security risk of introducing an authentication mechanism based on a custom ISA Filter. Assume however that the ISA Filter itself is securely written, i.e. is robust against Buffer Overflow attacks and the like. Assume also that the custom Authentication mechanism is secure. Would you say that the risk for an external attacker from the Internet to inject malicious code on the ISA Server to disable the ISA Filter would equal to compromise the ISA Server as such? So the weak point in that configuration would be the configuration of the ISA Server (and OS) as such, not the fact that you use a custom ISA Filter?