Re: Site and Content Rules

• From: "Chris H" <ntpro@xxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Tue, 6 Jan 2004 11:07:08 -0500

You may need to reinstall but that is exactly what I use it for and it works splendidly

install in combo mode (firewall and cache)
add basic protocol rule for http/https/ftp and allow domain users (or other group) only
add policy element > content group> for .exe and others (.bat, .ocx, etc.)
add site and content for http and select the .exe content group you created
I even redirect them to a "no-no" internal web page when they try to download executiables.

done

HTH

Chris

----- Original Message ----- From: "Derek Taylor" <d.taylor@xxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Tuesday, January 06, 2004 10:33 AM
Subject: [isalist] Re: Site and Content Rules

http://www.ISAserver.org

Thanks Chaps. I currently have the HTTP redirector disabled (although I'm
trying to get Real Player through and Microsoft suggest enabling it :-( )
ALl I want to do is get a secure firewall that allows web access out,
inbound access to our web and mail servers (got the inbound web and mail
sorted), blocks the downloading of nasty file types and gives me some logs
about who's been doing what. I'm ditching a Watchguard FB700 in favour of
ISA. Thankfully, my FB700 is still on the outside of the ISA server
because I'm struggling to open up the tap just a little. It seems to want
to be open all or nothing if you get my drift. Anyway, I have an HTTP
protocol rule setup which is open apart from applying to "domain
name/domain users". This works OK but I'm still seeing anonymous web
sessions in addition to identifiable web sessions. I thought that by
specifying the same settings to the Site and Content Rules, it would get
rid of the anonymous sessions but it stops outbound access completely.

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: ntpro@xxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » Site and Content Rules
• » Re: Site and Content Rules
• » Re: Site and Content Rules
• » Re: Site and Content Rules
• » Re: Site and Content Rules
• » Re: Site and Content Rules
• » Site and Content Rules
• » Site and Content Rules
• » Site and Content Rules
• » Re: Site and Content Rules
• » Site and Content Rules
• » RE: Site and Content Rules
• » RE: Site and Content Rules
• » RE: Site and Content Rules
• » RE: Site and Content Rules
• » RE: Site and Content Rules
• » Site and Content Rules
• » RE: Site and Content Rules

1. Home
2. isalist
3. Archive
4. 01-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---