I´ve a protocol rule access that permit only port 80 and 443; but users can access internet socket application and sites like www.xxx.com:9080 for example. There is a bug in isa server 2000?