RE: RES: Whats the best way?

Hi Tiago,
 
You're aware that S&C rules are completely ignorant of protocols?
Thus, the "FTP and web access" is not accurate.

________________________________

From: Tiago de Aviz [mailto:Tiago@xxxxxxxxxxxxxxx]
Sent: Tue 11/30/2004 6:33 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RES: Whats the best way?



http://www.ISAserver.org

Well, in ISA 2000, you can create a protocol rule for the server's IP addresses 
that only allows http, https and ftp. Then, create a site and content rule that 
only allows FTP and web access to the sites you need that are specified in a 
destination set.

In ISA 2004, you should create a rule that traffic coming from your server's ip 
addresses, using FTP, HTTP and HTTPS, going to the specific sites or to the 
external network are allowed.

I dunno if that's what you meant, but here it is ;)

Tiago

-----Mensagem original-----
De: Andrew English [mailto:andrew@xxxxxxxxxxxxxxxxxxxxxx]
Enviada em: terça-feira, 30 de novembro de 2004 12:22
Para: [ISAserver.org Discussion List]
Assunto: [isalist] Whats the best way?

http://www.ISAserver.org


What's the best way to allow the servers that are going through ISA to
the internet to still have access to the Web, Windows Updates, DNS, and
FTP without pushing ALL outbound traffic out?

Regards,
Andrew


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
tiago@xxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx



All mail to and from this domain is GFI-scanned.

Other related posts: