Hi, If Real Time monitor gets a request from http://monitor.isa, by default it allows anybody to see monitor status. If customer configured displaying context of monitor only to members of administrators group (Configuration of RTM can be retrieved by double clicking on Real time monitor filter in ISA MMC configuration-> Proxy extensions) then it checks if the user is authenticated. If not, it passes the request to ISA server for authentication. When RTM gets user's SID, RTM checks if this SID is part of ADMINISTRATORs group. Since RTM uses universal SID checking, the administrators groups can be named differently in different. If a is not an administrator, RTM sends an error message html page (defined in file named deniedmsg.html in ISA directory) to the user's browser. Regards. -----Original Message----- From: Shamshad Ahmad [mailto:sahmad@xxxxxxxxx] Sent: Monday, May 13, 2002 2.04 PM To: [ISAserver.org Discussion List] Subject: [isalist] Re: GFI Realtime Monitor URL http://www.ISAserver.org Hi I have real-time monitor installed. Everybody can access monitor.isa. I want only selected people to access it. I tried using destination set but did not work. What else can I do to restrict access to monitor.isa Shamshad -----Original Message----- From: Deus, Attonbitus [mailto:Thor@xxxxxxxxxxxxxxx] Sent: Friday, May 10, 2002 10:10 AM To: [ISAserver.org Discussion List] Subject: [isalist] Re: GFI Realtime Monitor URL http://www.ISAserver.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 06:07 PM 5/9/2002, you wrote: >http://www.ISAserver.org > > >http://monitor.isa/ > >That should work for any internal client. It doesn't map to an IP. I >would think that somehow it monitors the tcp port 80 to look for >monitor.isa in the header and then display the real-time chart of >activity. Well, it will work for any web proxy internal client. A fw client or snat client whose browser is not set to use the proxy will not resolve. Setting the client browser to use the isa proxy does, though. Not sure if that is what you meant, but I thought I would clear that up. AD -----BEGIN PGP SIGNATURE----- Version: PGP 7.1 iQA/AwUBPNtPBYhsmyD15h5gEQJp9ACeMWFp1Y46G114Pn/4D8j6aR8/qkgAn2uJ r/vvEDAXmjDvcqLxf/GerEtF =y/qX -----END PGP SIGNATURE----- ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: sahmad@xxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: davidf@xxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') **************************************************************** This mail was content checked for malicious code and viruses by MailSecurity. MailSecurity provides email content checking, exploit detection and anti-virus for Exchange. Spam, viruses, dangerous attachments & offensive content are removed automatically. Key features include: Multiple virus engines; Email content & attachment checking; Exploit shield - email intrusion detection & defence; Email threats engine - analyses & defuses HTML scripts, .exe files & more. *************************************************************** In addition to MailSecurity, GFI also produces the FAXmaker fax server & LANguard network security product ranges. For more information on our products, please visit http://www.gfi.com This disclaimer was sent by Mail essentials for Exchange/SMTP.