We are thrilled to announce that yesterday, 7/2/2008, the ISA Server Sustained Engineering team released the final version of ISA Server 2006 Service Pack 1 (Standard & Enterprise editions) to the Microsoft Download Center.
You can find the ISA 2006 SP1 bits here. This release will also be uploaded to Microsoft Update on 7/22/2008.
What’s new in ISA Server 2006 SP1:
Microsoft Internet Security and Acceleration (ISA) Server 2006 Service Pack 1 introduces new features and functionality to ISA Server 2006 Standard and Enterprise Editions. The new features focus on configuration change management and enhanced troubleshooting designed to help you identify and resolve ISA Server configuration issues within the ISA Server Management console.
The service pack includes the following new features and feature improvements:
- Configuration Change Tracking – Registers all configuration changes applied to ISA Server to help you assess issues that may occur as a result of these changes.
- Test Button – Tests the consistency of a Web publishing rule between the published server and ISA Server.
- Traffic Simulator – Simulates network traffic in accordance with specified request parameters, such as an internal user and the Web server, providing information about firewall policy rules evaluated for the request.
- Diagnostic Logging Viewer – Now integrated as a tab into the ISA Server Management console, this feature displays detailed events on packet progress and provides information about handling and rule matching.
Improvements for existing features, including:
- Support for integrated NLB mode in all three modes, including unicast, multicast, and multicast with Internet Group Management Protocol (IGMP). Previously, ISA Server integrated NLB-supported unicast mode only.
- Support for use of server certificates containing multiple Subject Alternative Name (SAN) entries. Previously, ISA Server was able to use either only either the subject name (common name) of a server certificate, or the first entry in the SAN list.
- Support for Kerberos Constrained Delegation (KCD) cross-domain authentication. Credentials from users located in a different domain than the ISA Server, but in the same forest, can now be delegated to an internal published Web site by using KCD.
- Support for client certificate authentication in a workgroup deployment. This removes the requirement to map each client certificate to an Active Directory® directory user account when forms-based authentication is used as the primary authentication method and client certificates are used as the secondary method.