>Where do you specify this type of blocking in WebMon3? WARNING: It's not click and go feature. It requires you to understand HTML coding a bit. For each file type you can specify in WebMon action required: -Bypass -Scan -Scan with Download status window -Block For example: If you specify .mp3 to be scanned with download status window, user downloading this file-type will get download status window. This status window you can edint/control as you wish: It is file called DownloadingPage.html in WebMon main directory. In that html file there is function : // Parameters // // Computer : text containing IP or computer name of requester PC // User : text authenticated windows logon username served by ISA authentication system // Size : value 0-4GB. specifies expected size of object 0 if unknown // ContentType : text specifies original HTTP header contained Content-Type of downloaded object. // RealContentType: text specifies Content-Type corrected after real filetype signature checked beginning of the file. function UpdateDownloadDetails(Computer,User,Size,ContentType,RealContentType){ // This function doesnt do anything but enables to admin force stopping of downloads at the beginning of download // before rules are enforced by SCANNING engine at the end of downloading. // // or can be used warn user about potential danger based on file type // or deliver per user/subnet message } Just add line into this function to check if User or IP is allowed to download particular real filetype of specified size If he is nto allowed just html redirect page to your web page explaining your policy. Anybody who would want to expand on this, please email me directly please. DavidF ________________________________ From: Steve Gan [mailto:SGan@xxxxxxxxxx] Sent: Tuesday, August 23, 2005 12:31 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: 2nd....download restriction... http://www.ISAserver.org Hi David Where do you specify this type of blocking in WebMon3? Thanks. Steve ________________________________ KEYSYS INC This communication is confidential and intended only for the use of the individual(s) to whom it is addressed. The information contained in it may be the subject of professional privilege or protected from disclosure for other reasons. If you are not the intended addressee, please delete it, notify the sender, and do not disclose or reproduce any part of it without specific consent. This mail was content checked for malicious code and viruses by MailSecurity. MailSecurity provides email content checking, exploit detection and anti-virus for Exchange. Spam, viruses, dangerous attachments & offensive content are removed automatically. Key features include: * Multiple virus engines; * Email content & attachment checking; * Exploit shield - email intrusion detection & defence; * Email threats engine - analyses & defuses HTML scripts, .exe files & more. In addition to MailSecurity, GFI also produces the FAXmaker fax server & LANguard network security product ranges. For more information on our products, please visit http://www.keysys.com <http://www.keysys.com> . This disclaimer was sent by Mail essentials for Exchange/SMTP ________________________________ This mail was checked for viruses by GFI MailSecurity. GFI also develops anti-spam software (GFI MailEssentials), a fax server (GFI FAXmaker), and network security and management software (GFI LANguard) - www.gfi.com