[isalist] Doubts

• From: "LEANDRO DOS S. FERREIRA - TI" <LEANDRO@xxxxxxxxxxx>
• To: <isalist@xxxxxxxxxxxxx>
• Date: Thu, 20 Apr 2006 14:26:37 -0300

ok... but inmy access rule do not have the Configure HTTP. 
 
 


Configure the User Group Exception and the HTTP Security Filter on the Deny Rule


Perform the following steps to configure the HTTP security filter to block MSN 
Messenger:

1.      Right click the Deny MSN 7.5 over HTTP Access Rule and click Configure 
HTTP. 

2.      In the Configure HTTP policy for rule dialog box, click the Signatures 
tab. 

3.      On the Signatures tab, click the Add button. 

4.      In the Signature dialog box, enter a name for the signature in the Name 
text box. In this example we'll name the signature MSN 7.5 Request Header. In 
the Search in drop down list, select the Request headers option. In the HTTP 
header text box, enter User-Agent: and in the Signature text box, enter MSN 
Messenger. Your signature should look like that in figure 3. Click OK.

  <http://www.isaserver.org/img/upl/image0061141398087453.jpg> 
Figure 3

5.      Click OK in the Configure HTTP policy for rule dialog box.

  <http://www.isaserver.org/img/upl/image0081141398087453.jpg> 
Figure 4

The Access Rule will now allow access to all external HTTP and HTTPS sites, but 
will block any MSN Messenger connections that attempt to use HTTP to gain 
outbound access. However, the rule still applies to everyone, so we need to 
configure the rule to apply to everyone except for those users who we do want 
to allow access to MSN Messenger 7.5. We do this by creating an exception for 
this rule so that the rule doesn't apply to that group of users:

1.      Right click the Deny MSN 7.5 over HTTP rule and click Properties. 

2.      In the Deny MSN 7.5 over HTTP Properties dialog box, click the Users 
tab. 

3.      On the Users tab, click the Add button next to the Exceptions list. 

4.      In the Add Users dialog box, double click the ISA firewall Group to 
which you want to exempt from this rule. I have already created an ISA firewall 
Group named Full Web Access, and populated this group with users located in the 
Active Directory database. If you don't know how to create ISA firewall Groups, 
check out our book or the ISA 2004 Help file. Click Close.

  <http://www.isaserver.org/img/upl/image0101141399046562.jpg> 
Figure 5

5.      Click OK in the Deny MSN 7.5 over HTTP Properties dialog box.

  <http://www.isaserver.org/img/upl/image0121141399046562.jpg> 
Figure 6

-----Mensagem original-----
De: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]Em nome 
de Thomas W Shinder
Enviada em: quinta-feira, 20 de abril de 2006 10:07
Para: isalist@xxxxxxxxxxxxx; Isalist@Webelists. Com (E-mail)
Assunto: [isalist] Re: RES: Re: Doubts


What figure number is that?
 
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/> 
Blog: http://blogs.isaserver.org/shinder/
Book:  <http://tinyurl.com/3xqb7> http://tinyurl.com/3xqb7
MVP -- ISA Firewalls

 


  _____  

From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of LEANDRO DOS S. FERREIRA - TI
Sent: Thursday, April 20, 2006 6:41 AM
To: isalist@xxxxxxxxxxxxx; Isalist@Webelists. Com (E-mail)
Subject: [isalist] RES: Re: Doubts


THE SECOND MENU..... Configure the User Group Exception and the HTTP Security 
Filter on the Deny Rule

-----Mensagem original-----
De: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]Em nome 
de Thomas W Shinder
Enviada em: quarta-feira, 19 de abril de 2006 20:24
Para: isalist@xxxxxxxxxxxxx; Isalist@Webelists. Com (E-mail)
Assunto: [isalist] Re: Doubts


What menu?
 
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/> 
Blog: http://blogs.isaserver.org/shinder/
Book:  <http://tinyurl.com/3xqb7> http://tinyurl.com/3xqb7
MVP -- ISA Firewalls

 


  _____  

From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of LEANDRO DOS S. FERREIRA - TI
Sent: Wednesday, April 19, 2006 5:13 PM
To: Isalist@Webelists. Com (E-mail)
Subject: [isalist] Doubts


Hi... i am trying apply this note: 
http://www.isaserver.org/tutorials/ISA-Firewall-Quick-Tip-Blocking-MSN-Messenger-Access-Enabling-Access-Some-Users.html
  but in the second part i can not find this menu on my system.... here i had 
isaserver 2004 with sp2

Best Regards

LEANDRO DOS SANTOS FERREIRA
IT Team
< Mailto:leandro@xxxxxxxxxxx> 
http://www.cbmm.com.br <http://www.cbmm.com.br/> 
CBMM - Companhia Brasileira de Metalurgia e Mineração 



This message (including any attachments) is intended only for the use of the 
individual or entity to which it is addressed and may contain information that 
is non-public, proprietary, privileged, confidential, and exempt from 
disclosure under applicable law or may constitute as attorney work product. If 
you are not the intended recipient, you are hereby notified that any use, 
dissemination, distribution, or copying of this communication is strictly 
prohibited. If you have received this communication in error, notify us 
immediately by telephone and (i) destroy this message if a facsimile or (ii) 
delete this message immediately if this is an electronic communication. Thank 
you. 

 

 

 

Other related posts:

• » [isalist] Doubts
• » [isalist] Re: Doubts
• » [isalist] Doubts
• » [isalist] Re: Doubts

1. Home
2. isalist
3. Archive
4. 04-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---