[isalist] Re: RES: Re: RES: Re: RES: Re: RES: Re: Doubts
- From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Thu, 20 Apr 2006 09:20:56 -0700
http://www.ISAserver.org
-------------------------------------------------------
Read the article - it provides step-by-step instructions.
-------------------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
-------------------------------------------------------
-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of LEANDRO DOS S. FERREIRA - TI
Sent: Thursday, April 20, 2006 08:20
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] RES: Re: RES: Re: RES: Re: RES: Re: Doubts
ok... where can i create it.
-----Mensagem original-----
De: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx]Em nome de Thomas W Shinder
Enviada em: quinta-feira, 20 de abril de 2006 12:00
Para: isalist@xxxxxxxxxxxxx
Assunto: [isalist] Re: RES: Re: RES: Re: RES: Re: Doubts
You have to create the signature. It's not there by default.
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
MVP -- ISA Firewalls
________________________________
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of LEANDRO DOS S. FERREIRA - TI
Sent: Thursday, April 20, 2006 9:53 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] RES: Re: RES: Re: RES: Re: Doubts
in the figure 3... i can not found this figure here at may isa
std.
-----Mensagem original-----
De: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx]Em nome de Thomas W Shinder
Enviada em: quinta-feira, 20 de abril de 2006 10:47
Para: isalist@xxxxxxxxxxxxx
Assunto: [isalist] Re: RES: Re: RES: Re: Doubts
That's a lot of figures. Which one don't you have?
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
<http://tinyurl.com/3xqb7>
MVP -- ISA Firewalls
________________________________
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of LEANDRO DOS S. FERREIRA - TI
Sent: Thursday, April 20, 2006 8:42 AM
To: isalist@xxxxxxxxxxxxx; Isalist@Webelists.
Com (E-mail)
Subject: [isalist] RES: Re: RES: Re: Doubts
In this part...
Configure the User Group Exception and the HTTP
Security Filter on the Deny Rule
Perform the following steps to configure the
HTTP security filter to block MSN Messenger:
1. Right click the Deny MSN 7.5 over HTTP
Access Rule and click Configure HTTP.
2. In the Configure HTTP policy for rule
dialog box, click the Signatures tab.
3. On the Signatures tab, click the Add
button.
4. In the Signature dialog box, enter a
name for the signature in the Name text box. In this example we'll name the
signature MSN 7.5 Request Header. In the Search in drop down list, select the
Request headers option. In the HTTP header text box, enter User-Agent: and in
the Signature text box, enter MSN Messenger. Your signature should look like
that in figure 3. Click OK.
<http://www.isaserver.org/img/upl/image0061141398087453.jpg>
Figure 3
1. Click OK in the Configure HTTP policy
for rule dialog box.
<http://www.isaserver.org/img/upl/image0081141398087453.jpg>
Figure 4
The Access Rule will now allow access to all
external HTTP and HTTPS sites, but will block any MSN Messenger connections
that attempt to use HTTP to gain outbound access. However, the rule still
applies to everyone, so we need to configure the rule to apply to everyone
except for those users who we do want to allow access to MSN Messenger 7.5. We
do this by creating an exception for this rule so that the rule doesn't apply
to that group of users:
1. Right click the Deny MSN 7.5 over HTTP
rule and click Properties.
2. In the Deny MSN 7.5 over HTTP
Properties dialog box, click the Users tab.
3. On the Users tab, click the Add button
next to the Exceptions list.
4. In the Add Users dialog box, double
click the ISA firewall Group to which you want to exempt from this rule. I have
already created an ISA firewall Group named Full Web Access, and populated this
group with users located in the Active Directory database. If you don't know
how to create ISA firewall Groups, check out our book or the ISA 2004 Help
file. Click Close.
<http://www.isaserver.org/img/upl/image0101141399046562.jpg>
Figure 5
1. Click OK in the Deny MSN 7.5 over HTTP
Properties dialog box.
<http://www.isaserver.org/img/upl/image0121141399046562.jpg>
Figure 6
-----Mensagem original-----
De: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx]Em nome de Thomas W Shinder
Enviada em: quinta-feira, 20 de abril
de 2006 10:07
Para: isalist@xxxxxxxxxxxxx;
Isalist@Webelists. Com (E-mail)
Assunto: [isalist] Re: RES: Re: Doubts
What figure number is that?
Thomas W Shinder, M.D.
Site: www.isaserver.org
<http://www.isaserver.org/>
Blog:
http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
<http://tinyurl.com/3xqb7>
MVP -- ISA Firewalls
________________________________
From:
isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of
LEANDRO DOS S. FERREIRA - TI
Sent: Thursday, April 20, 2006
6:41 AM
To: isalist@xxxxxxxxxxxxx;
Isalist@Webelists. Com (E-mail)
Subject: [isalist] RES: Re:
Doubts
THE SECOND MENU..... Configure
the User Group Exception and the HTTP Security Filter on the Deny Rule
-----Mensagem
original-----
De:
isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]Em nome de
Thomas W Shinder
Enviada em:
quarta-feira, 19 de abril de 2006 20:24
Para:
isalist@xxxxxxxxxxxxx; Isalist@Webelists. Com (E-mail)
Assunto: [isalist] Re:
Doubts
What menu?
Thomas W Shinder, M.D.
Site: www.isaserver.org
<http://www.isaserver.org/>
Blog:
http://blogs.isaserver.org/shinder/
Book:
http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
MVP -- ISA Firewalls
________________________________
From:
isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of
LEANDRO DOS S. FERREIRA - TI
Sent:
Wednesday, April 19, 2006 5:13 PM
To:
Isalist@Webelists. Com (E-mail)
Subject:
[isalist] Doubts
Hi... i am
trying apply this note:
http://www.isaserver.org/tutorials/ISA-Firewall-Quick-Tip-Blocking-MSN-Messenger-Access-Enabling-Access-Some-Users.html
but in the second part i can not find this menu on my system.... here i had
isaserver 2004 with sp2
Best Regards
LEANDRO DOS
SANTOS FERREIRA
IT Team
<Mailto:leandro@xxxxxxxxxxx>
http://www.cbmm.com.br <http://www.cbmm.com.br/>
CBMM -
Companhia Brasileira de Metalurgia e Mineração
This message
(including any attachments) is intended only for the use of the individual or
entity to which it is addressed and may contain information that is non-public,
proprietary, privileged, confidential, and exempt from disclosure under
applicable law or may constitute as attorney work product. If you are not the
intended recipient, you are hereby notified that any use, dissemination,
distribution, or copying of this communication is strictly prohibited. If you
have received this communication in error, notify us immediately by telephone
and (i) destroy this message if a facsimile or (ii) delete this message
immediately if this is an electronic communication. Thank you.
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
