[isalist] Re: RES: Re: RES: Re: RES: Re: Doubts
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Thu, 20 Apr 2006 10:00:23 -0500
You have to create the signature. It's not there by default.
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
MVP -- ISA Firewalls
________________________________
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of LEANDRO DOS S. FERREIRA - TI
Sent: Thursday, April 20, 2006 9:53 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] RES: Re: RES: Re: RES: Re: Doubts
in the figure 3... i can not found this figure here at may isa std.
-----Mensagem original-----
De: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx]Em nome de Thomas W Shinder
Enviada em: quinta-feira, 20 de abril de 2006 10:47
Para: isalist@xxxxxxxxxxxxx
Assunto: [isalist] Re: RES: Re: RES: Re: Doubts
That's a lot of figures. Which one don't you have?
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
MVP -- ISA Firewalls
________________________________
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of LEANDRO DOS S. FERREIRA - TI
Sent: Thursday, April 20, 2006 8:42 AM
To: isalist@xxxxxxxxxxxxx; Isalist@Webelists. Com
(E-mail)
Subject: [isalist] RES: Re: RES: Re: Doubts
In this part...
Configure the User Group Exception and the HTTP
Security Filter on the Deny Rule
Perform the following steps to configure the HTTP
security filter to block MSN Messenger:
1. Right click the Deny MSN 7.5 over HTTP Access
Rule and click Configure HTTP.
2. In the Configure HTTP policy for rule dialog
box, click the Signatures tab.
3. On the Signatures tab, click the Add button.
4. In the Signature dialog box, enter a name for
the signature in the Name text box. In this example we'll name the signature
MSN 7.5 Request Header. In the Search in drop down list, select the Request
headers option. In the HTTP header text box, enter User-Agent: and in the
Signature text box, enter MSN Messenger. Your signature should look like that
in figure 3. Click OK.
<http://www.isaserver.org/img/upl/image0061141398087453.jpg>
Figure 3
5. Click OK in the Configure HTTP policy for rule
dialog box.
<http://www.isaserver.org/img/upl/image0081141398087453.jpg>
Figure 4
The Access Rule will now allow access to all external
HTTP and HTTPS sites, but will block any MSN Messenger connections that attempt
to use HTTP to gain outbound access. However, the rule still applies to
everyone, so we need to configure the rule to apply to everyone except for
those users who we do want to allow access to MSN Messenger 7.5. We do this by
creating an exception for this rule so that the rule doesn't apply to that
group of users:
1. Right click the Deny MSN 7.5 over HTTP rule and
click Properties.
2. In the Deny MSN 7.5 over HTTP Properties dialog
box, click the Users tab.
3. On the Users tab, click the Add button next to
the Exceptions list.
4. In the Add Users dialog box, double click the
ISA firewall Group to which you want to exempt from this rule. I have already
created an ISA firewall Group named Full Web Access, and populated this group
with users located in the Active Directory database. If you don't know how to
create ISA firewall Groups, check out our book or the ISA 2004 Help file. Click
Close.
<http://www.isaserver.org/img/upl/image0101141399046562.jpg>
Figure 5
5. Click OK in the Deny MSN 7.5 over HTTP
Properties dialog box.
<http://www.isaserver.org/img/upl/image0121141399046562.jpg>
Figure 6
-----Mensagem original-----
De: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx]Em nome de Thomas W Shinder
Enviada em: quinta-feira, 20 de abril de 2006
10:07
Para: isalist@xxxxxxxxxxxxx; Isalist@Webelists.
Com (E-mail)
Assunto: [isalist] Re: RES: Re: Doubts
What figure number is that?
Thomas W Shinder, M.D.
Site: www.isaserver.org
<http://www.isaserver.org/>
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
<http://tinyurl.com/3xqb7>
MVP -- ISA Firewalls
________________________________
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of LEANDRO DOS S. FERREIRA - TI
Sent: Thursday, April 20, 2006 6:41 AM
To: isalist@xxxxxxxxxxxxx;
Isalist@Webelists. Com (E-mail)
Subject: [isalist] RES: Re: Doubts
THE SECOND MENU..... Configure the User
Group Exception and the HTTP Security Filter on the Deny Rule
-----Mensagem original-----
De: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx]Em nome de Thomas W Shinder
Enviada em: quarta-feira, 19 de abril
de 2006 20:24
Para: isalist@xxxxxxxxxxxxx;
Isalist@Webelists. Com (E-mail)
Assunto: [isalist] Re: Doubts
What menu?
Thomas W Shinder, M.D.
Site: www.isaserver.org
<http://www.isaserver.org/>
Blog:
http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
<http://tinyurl.com/3xqb7>
MVP -- ISA Firewalls
________________________________
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of LEANDRO DOS S. FERREIRA - TI
Sent: Wednesday, April 19, 2006 5:13 PM
To: Isalist@Webelists. Com (E-mail)
Subject: [isalist] Doubts
Hi... i am trying apply this note:
http://www.isaserver.org/tutorials/ISA-Firewall-Quick-Tip-Blocking-MSN-Messenger-Access-Enabling-Access-Some-Users.html
but in the second part i can not find this menu on my system.... here i had
isaserver 2004 with sp2
Best Regards
LEANDRO DOS SANTOS FERREIRA
IT Team
<Mailto:leandro@xxxxxxxxxxx>
http://www.cbmm.com.br
<http://www.cbmm.com.br/>
CBMM - Companhia Brasileira de
Metalurgia e Mineração
This message (including any
attachments) is intended only for the use of the individual or entity to which
it is addressed and may contain information that is non-public, proprietary,
privileged, confidential, and exempt from disclosure under applicable law or
may constitute as attorney work product. If you are not the intended recipient,
you are hereby notified that any use, dissemination, distribution, or copying
of this communication is strictly prohibited. If you have received this
communication in error, notify us immediately by telephone and (i) destroy this
message if a facsimile or (ii) delete this message immediately if this is an
electronic communication. Thank you.
Other related posts:
