No, there isn't a client. You can set the WSA to auth the users, either they get challenged (using LDAP for auth), or you can join the WSA to the domain and it will happen via NTLM. Browers that don't do NTLM will get a challenge...
I'm not sure what exactly you're asking about FTP.
FTP over HTTP is handled by the HTTP proxy. There's also a full native FTP proxy on the WSA.
In the Online Help there's a pretty detailed page... Contents>Web Proxy Services>Working with FTP connections
Microsoft's ISA is a firewall, with proxy/web cache and some web filtering tossed in too.
The WSA isn't a firewall, and its not generlly depolyed in-line. Usually you set up either PAC files or WCCP or Policy Based Routing to send HTTP, HTTPS, FTP traffic to it... I don't send any RDP traffic at the WSA, it wouldn't know what to do with it...
Maybe we need to step back.... You are trying to replace the ISA web proxy with an WSA.. was the ISA your firewall too?
What other security gear is in place? What are your requirements?
We are replacing MS ISA proxy servers with IronPort WSA S370 proxy servers.
We have several apps that make use the MS firewall client.
The MS firewall client enables HTTP-tunneling of TCP & UDP through the ISA proxy servers instead of going through firewalls.
These apps use various ports - and there are rules setup on the ISAs specifially for these apps and their ports.
I can find HTTP-tunneling software - commercial and freeware - but can't find any that I think will work through the IronPort WSA S370 proxy servers.
Would like to find someone who has implemented HTTP-tunneling using IronPort WSA 370 proxy servers.
Thanks again for your input.