Channel: Forefront TMG and ISA Server forum

ISA 2006/TMG 2010 Secure the ISAWPLB Cookie


Hi all

We have had a few penetration tests on an environment which highlight the fact that the ISAWPLB cookie is not secure.

I understand that ISAWPLB stands for ISA Web Publishing Load Balancing and is used when you publish multiple Web Front End Servers in ISA Server/TMG 2010 to keep the requests going to the same server.

Does anybody know how this can be secured?

If I understand the below article correctly, using IP addresses may not be an alternative due to the NAT relationship?

http://technet.microsoft.com/en-us/library/bb794841.aspx

A bit about the environment:

We are utilising ISA 2006 behind a Watchguard device with a NAT relationship.

Multiple SharePoint front end servers are published as a Web/Server Farm in ISA and using the cookie based load balancing mechanism.

HTML ISA form for login with basic authentication for the authentication delegation in the publishing rule.

Persistent cookies are also used to enable Microsoft Office to open documents directly when the secure login is selected in the login form.

The URLs are using an SSL wildcard certificate which is also the same URL used internally.

Thanks in advance for any advice/comments.

Chris.

