[isalist] Re: RES: Re: Doubts
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Thu, 20 Apr 2006 16:05:14 -0500
Who changed it the first time?
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
MVP -- ISA Firewalls
________________________________
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Steve Moffat
Sent: Thursday, April 20, 2006 4:03 PM
To: ISA Mailing List
Subject: [isalist] Re: RES: Re: Doubts
STOP SHOUTING!!!!
________________________________
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of LEANDRO DOS S. FERREIRA - TI
Sent: Thursday, April 20, 2006 2:50 PM
To: ISA Mailing List
Subject: [isalist] RES: Re: Doubts
WHERE CAN I CHANGE THIS ?
-----Mensagem original-----
De: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx]Em nome de Thomas W Shinder
Enviada em: quinta-feira, 20 de abril de 2006 14:33
Para: isalist@xxxxxxxxxxxxx
Assunto: [isalist] Re: Doubts
That's because you unbound the Web proxy filter from the HTTP
protocol.
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
________________________________
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of LEANDRO DOS S. FERREIRA - TI
Sent: Thursday, April 20, 2006 12:27 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Doubts
ok... but inmy access rule do not have the Configure
HTTP.
Configure the User Group Exception and
the HTTP Security Filter on the Deny Rule
Perform the following steps to
configure the HTTP security filter to block MSN Messenger:
1. Right click the Deny MSN 7.5
over HTTP Access Rule and click Configure HTTP.
2. In the Configure HTTP policy
for rule dialog box, click the Signatures tab.
3. On the Signatures tab, click
the Add button.
4. In the Signature dialog box,
enter a name for the signature in the Name text box. In this example we'll name
the signature MSN 7.5 Request Header. In the Search in drop down list, select
the Request headers option. In the HTTP header text box, enter User-Agent: and
in the Signature text box, enter MSN Messenger. Your signature should look like
that in figure 3. Click OK.
Figure 3
1. Click OK in the Configure HTTP
policy for rule dialog box.
Figure 4
The Access Rule will now allow access
to all external HTTP and HTTPS sites, but will block any MSN Messenger
connections that attempt to use HTTP to gain outbound access. However, the rule
still applies to everyone, so we need to configure the rule to apply to
everyone except for those users who we do want to allow access to MSN Messenger
7.5. We do this by creating an exception for this rule so that the rule doesn't
apply to that group of users:
1. Right click the Deny MSN 7.5
over HTTP rule and click Properties.
2. In the Deny MSN 7.5 over HTTP
Properties dialog box, click the Users tab.
3. On the Users tab, click the Add
button next to the Exceptions list.
4. In the Add Users dialog box,
double click the ISA firewall Group to which you want to exempt from this rule.
I have already created an ISA firewall Group named Full Web Access, and
populated this group with users located in the Active Directory database. If
you don't know how to create ISA firewall Groups, check out our book or the ISA
2004 Help file. Click Close.
Figure 5
1. Click OK in the Deny MSN 7.5
over HTTP Properties dialog box.
Figure 6
-----Mensagem original-----
De: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx]Em nome de Thomas W Shinder
Enviada em: quinta-feira, 20 de abril
de 2006 10:07
Para: isalist@xxxxxxxxxxxxx;
Isalist@Webelists. Com (E-mail)
Assunto: [isalist] Re: RES: Re: Doubts
What figure number is that?
Thomas W Shinder, M.D.
Site: www.isaserver.org
<http://www.isaserver.org/>
Blog:
http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
________________________________
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of LEANDRO DOS S. FERREIRA - TI
Sent: Thursday, April 20, 2006 6:41 AM
To: isalist@xxxxxxxxxxxxx;
Isalist@Webelists. Com (E-mail)
Subject: [isalist] RES: Re: Doubts
THE SECOND MENU..... Configure the User
Group Exception and the HTTP Security Filter on the Deny Rule
-----Mensagem original-----
De: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx]Em nome de Thomas W Shinder
Enviada em: quarta-feira, 19 de abril
de 2006 20:24
Para: isalist@xxxxxxxxxxxxx;
Isalist@Webelists. Com (E-mail)
Assunto: [isalist] Re: Doubts
What menu?
Thomas W Shinder, M.D.
Site: www.isaserver.org
<http://www.isaserver.org/>
Blog:
http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
________________________________
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of LEANDRO DOS S. FERREIRA - TI
Sent: Wednesday, April 19, 2006 5:13 PM
To: Isalist@Webelists. Com (E-mail)
Subject: [isalist] Doubts
Hi... i am trying apply this note:
http://www.isaserver.org/tutorials/ISA-Firewall-Quick-Tip-Blocking-MSN-Messenger-Access-Enabling-Access-Some-Users.html
but in the second part i can not find this menu on my system.... here i had
isaserver 2004 with sp2
Best Regards
LEANDRO DOS SANTOS FERREIRA
IT Team
<Mailto:leandro@xxxxxxxxxxx>
http://www.cbmm.com.br
<http://www.cbmm.com.br/>
CBMM - Companhia Brasileira de
Metalurgia e Mineração
This message (including any
attachments) is intended only for the use of the individual or entity to which
it is addressed and may contain information that is non-public, proprietary,
privileged, confidential, and exempt from disclosure under applicable law or
may constitute as attorney work product. If you are not the intended recipient,
you are hereby notified that any use, dissemination, distribution, or copying
of this communication is strictly prohibited. If you have received this
communication in error, notify us immediately by telephone and (i) destroy this
message if a facsimile or (ii) delete this message immediately if this is an
electronic communication. Thank you.
Other related posts:
