Hi All, I'd like to take full control over how USERs on our network access the Intanethi or Internet. Firewall Policy - Current configured Internet Access Rule: Policy Name Action Protocols Frm/Lstnr To Array Allow NET Allow FTP,HTTP, HTTPS Internal localhost External Condition ? All USers If I change or remove the All users condition to an AD created User Group (ALLOWED INTERNET USERS) that contains list of allowed user - the internet connection gets lost. A user set is defined on ISA server The idea is to be able to see what sites the user browse and who are the heavy users? My ISA is a domain member... Any pointers? Thanks you. --------------------------------- Do you Yahoo!? Everyone is raving about the all-new Yahoo! Mail Beta.