I am currently playing with the beta of ISA 2004
I have noticed that the options for read only FTP on the server rules is either on or off..
Can you set FTP for say GroupX with read only rights and GroupY with full rights?
I would like to permit Readonly to external/Internet FTP sites but Full access to Our corporate FTP site. our Corp FTP will be accessed VIA external IP only for all clients and never over the internal IP
There must be a mechanism to send user credentials to the firewall, since that isn't part of layer 3 or layer 4. That means you either need that built into the application (which must be configured to use a specific proxy/gateway on the firewall), or use a generic proxy client, like the Firewall client.
I haven't done a network rollout of the ISA 2004 client yet, but the ISA 2000 Firewall client was very easy to distribute via Group Policy Software Management. Just assign the software to machines and it'll install before the users log on.