How ISA Server and Microsoft Forefront Threat Management Gateway, Medium Business Edition cache responses to Web publishing client requests in reverse proxy mode

INTRODUCTION

This article describes how Microsoft Internet Security and Acceleration (ISA) Server and Microsoft Forefront Threat Management Gateway, Medium Business Edition cache responses to Web publishing client requests in reverse proxy mode. Reverse proxy mode lets you put Web servers on your internal network behind your ISA Server firewall and your Microsoft Forefront Threat Management Gateway, Medium Business Edition firewall. Reverse proxy mode also helps you securely publish your Web site on the Internet. In ISA Server and Microsoft Forefront Threat Management Gateway, Medium Business Edition, the Web Proxy filter handles the caching function.

More Information

By default, no disk space is specified for caching when you install ISA Server or Microsoft Forefront Threat Management Gateway, Medium Business Edition. Therefore, caching is turned off. You turn on caching when you specify how much disk space to use for caching.

ISA Server 2004

To turn on caching in ISA Server 2004, follow these steps:
  1. Click Start, point to Programs, point to Microsoft ISA Server, and then click ISA Server Management.
  2. In ISA Server Management, click to expand ISAServerName, and then click to expand Configuration.
  3. Right-click Cache, and then click Define Cache Drives.
  4. In the Define Cache Drives dialog box, select a drive that has sufficient space, enter the cache size that you want in the Maximum cache size (MB) box, click Set, and then click OK.

ISA Server 2006

To turn on caching in ISA Server 2006, follow these steps:
  1. Click Start, point to Programs, point to Microsoft ISA Server, and then click ISA Server Management.
  2. In ISA Server Management, click to expandISAServerName, and then click to expandConfiguration.
  3. In the right-side pane, click Define Cache Drives (Enable Caching) on the Tasks tab.
  4. In the Define Cache Drives dialog box, select a drive that has sufficient space, enter the cache size that you want in the Maximum cache size (MB) box, click Set, and then click OK.

Microsoft Forefront Threat Management Gateway, Medium Business Edition

To turn on caching in Microsoft Forefront Threat Management Gateway, Medium Business Edition, you must specifically allocate disk space for the cache. By default, after installation, no space is defined for the cache. Caching can be turned on when you run the Web Access Wizard. Alternatively, you can enable caching manually. To do this, follow these steps:
  1. Click Start, point to Programs, point to Microsoft Forefront TMG, and then click Forefront TMG Management.
  2. In Microsoft Forefront Threat Management Gateway, Medium Business Edition, expand TMGServerName, and then click Web Access Policy.
  3. In the right pane, under Related Tasks, click Configure Web Caching on the Tasks tab.
  4. Click the Cache Drives tab, and then click Configure
  5. In the Define Cache Drives dialog box, select a drive that has sufficient space, type the cache size that you want in the Maximum cache size (MB) box, click Set, and then click OK.
You can also specify the type of content that can be cached. Content that is served from the cache requires less processing than content that is served from another network. Caching improves client browser performance, decreases user response time, and reduces bandwidth consumption on your Internet connection.

ISA Server and Microsoft Forefront Threat Management Gateway, Medium Business Edition determine whether to retrieve an object from its cache or from another server by examining the cache properties and the cache rules that you have configured. ISA Server analyzes cache configuration, cache rules, and existing cache content to determine whether an object is retrieved from the cache.

In ISA Server and Microsoft Forefront Threat Management Gateway, Medium Business Edition, reverse caching is the same as forward caching, except that in reverse caching, ISA Server and Microsoft Forefront Threat Management Gateway, Medium Business Edition disregard the cache-control headers of the client computer's request. For example, in reverse caching, ISA Server and Microsoft Forefront Threat Management Gateway, Medium Business Edition do not follow the cache-control option with its no-cache directive for the client. Because the client is communicating with the actual Web server, this directive does not make sense, and ISA Server and Microsoft Forefront Threat Management Gateway, Medium Business Edition prevent the client from interfering with the ISA Server and Microsoft Forefront Threat Management Gateway, Medium Business Edition administrator policy.

When a client computer requests a Web object from an internal Web server that is behind the ISA Server or Microsoft Forefront Threat Management Gateway, Medium Business Edition firewall, ISA Server or Microsoft Forefront Threat Management Gateway, Medium Business Edition follows these steps:
  1. ISA Server or Microsoft Forefront Threat Management Gateway, Medium Business Edition determines whether the object is in the cache.
  2. If the object is not in the cache, ISA Server or Microsoft Forefront Threat Management Gateway, Medium Business Edition requests the object from the internal Web server. The internal Web server returns the object to the ISA Server computer or to the Microsoft Forefront Threat Management Gateway, Medium Business Edition computer.

  3. ISA Server or Microsoft Forefront Threat Management Gateway, Medium Business Edition retains a copy of the object in its cache, and returns the object to client.
The next time the object is requested, ISA Server or Microsoft Forefront Threat Management Gateway, Medium Business Edition returns the object to the client from the cache. ISA Server or Microsoft Forefront Threat Management Gateway, Medium Business Edition does not have to request the object from the internal Web server.

To configure how Web objects are cached in ISA Server or in Microsoft Forefront Threat Management Gateway, Medium Business Edition, follow these steps:
  1. Click Start, point to Programs, point to Microsoft ISA Server, and then click ISA Server Management.

    Note If you are running Microsoft Forefront Threat Management Gateway, Medium Business Edition, click Start, point to Programs, point to Microsoft Forefront TMG, and then click Forefront TMG Management.
  2. In ISA Server Management, click to expand ISAServerName, click to expandConfiguration, and then click Cache.

    Note In Microsoft Forefront Threat Management Gateway, Medium Business Edition, expand TMGServerName, and then click Web Access Policy
  3. ISA Server 2006 and ISA Server 2004 In the details pane, click the Cache Rules tab, and then click the cache rule that you want to modify.

    Microsoft Forefront Threat Management Gateway, Medium Business Edition In the right pane, click Configure Web Caching on the Tasks tab, click the Cache Rules tab, and then click the cache rule that you want to modify.
  4. ISA Server 2006 and ISA Server 2004 On the Tasks tab, click Create a Cache Rule.

    Microsoft Forefront Threat Management Gateway, Medium Business Edition In the right pane, click Configure Web Caching on the Tasks tab, click the Cache Rules tab, and then click NEW.
  5. On the Welcome to the New Cache Rule Wizardscreen, type a descriptive name in the Cache rule name box, and then click Next.
  6. On the Cache Rule Destination page, click Add.
  7. In the Add Network Entities dialog box, select the network entity that you want, click Add, click Close, and then click Next.
  8. On the Content Retrievalscreen, select one of the following options, and then click Next:
    • To retrieve an object from the cache only if it has not expired, click Only if a valid version of the object exists in cache. If no valid version exists, route the request to the server.
    • To retrieve an object from the cache if it is available, and to retrieve it by using a specified route if it is not available, click If any version of the object exists in cache. If none exists, route the request to the server.
    • To retrieve an object only if it is in the cache, click If any version of the object exists in the cache. If none exists, drop the request (never route the request to the server).
  9. On the Cache Content screen, select one of the following options, and then click Next:
    • If retrieved objects must not be cached, click Never, no content will ever be cached.
    • If objects should be cached only if the source and request headers indicate that the object must be cached, click If source and request headers indicate to cache. Then, you can also select one or more of the following additional options:
      1. The Dynamic content option specifies that ISA Server will cache retrieved objects even if they are marked as not cacheable.
      2. The Content for offline browsing (302, 307 responses) option specifies that ISA Server will serve all the requests from content in the cache. This option requires that even cacheable content with 302 and 307 response codes is stored in the cache.
      3. The Content requiring user authentication for retrieval option specifies that ISA Server will cache content that may require authentication to be accessed.
  10. On the Cache Advanced Configuration page, select any of the following options that you want, and then click Next:
    • The Do not cache objects larger than option specifies the maximum size of objects that ISA Server will cache.
    • The Cache SSL responses option lets you specify whether SSL objects are maintained in the ISA Server cache.
  11. On the HTTP Caching page, configure whether cached Hypertext Transfer Protocol (HTTP) objects expire according to Time to Live (TTL) settings. To do this, select the options that you want, and then click Next.

    Note For HTTP objects, expiration is configured based on the TTL that is defined in the response header and on the TTL boundaries that are defined in the cache rule. TTL boundaries are calculated as a percentage of the content age. The content age is the time since an object was created or modified. HTTP objects expire according to the TTL defined for HTTP objects in the cache rule.
  12. On the FTP Caching page, select whether to enable caching, and configure the TTL period for objects. To do this, select the options that you want, and then click Next.

    Note By default, the TTL for all File Transfer Protocol (FTP) objects is set to one day.
  13. On the Completing the New Cache Rule Wizard, review your settings. When you have finished reviewing your settings, click Finish.
  14. When the wizard has finished running, set the order of the new rule to be above any other rules that may apply to a similar destination set.
  15. If you want to change your cache rule settings, click Edit Selected Rule in the ISA Server Management details pane.
To turn off caching in ISA Server , follow these steps:

Note This option is not available in Microsoft Forefront Threat Management Gateway, Medium Business Edition.
  1. Click Start, point to Programs, point to Microsoft ISA Server, and then click ISA Server Management.
  2. In ISA Server Management, double-click ISAServerName, and then double-click Configuration.
  3. Right-click Cache, and then click Disable Caching.

References

For more information about reverse caching in ISA Server, see the following Microsoft TechNet article: http://technet.microsoft.com/en-us/library/bb794726.aspx
Propriedades

ID do Artigo: 837737 - Última Revisão: 7 de nov de 2008 - Revisão: 1

Comentários