No; the Firewall client is an enabler, not a blocker. -----Original Message----- From: Paul Noble [mailto:pnoble@xxxxxxxxxxxxxxxxxxxxxxxxxx] Sent: Friday, October 07, 2005 2:06 AM To: [ISAserver.org Discussion List] Subject: [isalist] Exe restrictions http://www.ISAserver.org Allo again. I'm looking at the http policy settings and the firewall client application settings, I've read the information in Toms book in chapter 7 and 10 concerning setting up specific filters to block certain programs from connecting, but is there a way to put in a default block all programs and explicitly allow only certain registered programs? I'm thinking, denying all web browsers other than iexplore.exe and adding the specific programs we use that I see in the sessions and logging sections, along with allowing the specific programs we use (we 'should' only really use about 5 programs that access the internet for any reason) Is this possible and a recommended way of default blocking everything that tries to tunnel thru http among other things? Paul. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned.