There are a lot of misc. clients that use HTTP as their transport like RealOne, Gator, NAV, and all those other extraneous things that show up in the SysTray. They don't send OS info in their user-agent headers. Of course that's assuming that I'm correct in thinking the reports pull the OS from the user-agent field :) That's the only place I can think of that the info would show up. Sound right Jim? -Shawn ----- Shawn R. Quillman Robert Bosch Corporation RBNA/CIT7 38000 Hills Tech Drive Farmington Hills, MI 48331 (248) 553-1164 (P) (248) 848-2855 (F) shawn.quillman@xxxxxxxxxxxx -----Original Message----- From: Jay [mailto:jschwarzkopf@xxxxxxxxxx] Sent: Wednesday, October 09, 2002 11:55 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Blocking OS's from getting through http://www.ISAserver.org On that note, can someone explain why ISA reports showing OS's used show Win2k and UNKNOWN for an environment consisting of only Win2k? ----- Original Message ----- From: Quillman Shawn (RBNA/CIT7) <mailto:Shawn.Quillman@xxxxxxxxxxxx> To: [ISAserver.org Discussion List] <mailto:isalist@xxxxxxxxxxxxx> Sent: Wednesday, October 09, 2002 4:37 PM Subject: [isalist] RE: Blocking OS's from getting through http://www.ISAserver.org <http://www.ISAserver.org> This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. _____ Only thing I can think of is to assign address ranges to the different types of machines and allow the address ranges of windows machines through. I believe ISA gets its OS info from the user-agent header (for reporting) and there's no way to set up rules based on user-agent. There's no way to set rules based on machine accounts, just users and groups. -Shawn ----- Shawn R. Quillman Robert Bosch Corporation RBNA/CIT7 38000 Hills Tech Drive Farmington Hills, MI 48331 (248) 553-1164 (P) (248) 848-2855 (F) shawn.quillman@xxxxxxxxxxxx -----Original Message----- From: Brewer, Lewis [mailto:lewis.brewer@xxxxxx] Sent: Wednesday, October 09, 2002 4:29 PM To: [ISAserver.org Discussion List] Subject: [isalist] Blocking OS's from getting through http://www.ISAserver.org Ok here is the question I have for you all. I want to setup ISA to only let Windows 2000 Pro and XP Pro through the firewall, everything else is blocked, even if you know the proper proxy settings it won't let you out if you are not running the correct OS. Now if this can be done by blocking machines that don't have computer accounts in the domain that is just as good to me. Any suggestions? Lewis Brewer ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: shawn.quillman@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') _____ ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jschwarzkopf@xxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: shawn.quillman@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')