I know this has been discussed a couple of times, but I don't remember if we ever found a solution to it... The way I have it setup now, to keep unauthorized software from using http-tunneling and bypassing the filters, we inspect the "User-Agent" portion of the header and block certain strings with the http filter. This works, but the error message given to the client also explains that it was blocked due to a User-Agent string. With programs such as FireFox, they can then go in and modify their User-Agent string to allow it through. In addition, knowing all the User-Agent strings to block is difficult if not impossible. So, it would make logical sense to use a "block all except" approach to this instead. However, I have yet to be able to find this option, is it possible in ISA2004? ________________________________ The correct technical term for haggis stalking is "havering". <http://haggishunt.scotsman.com/haggisclopedia.cfm?part=5> ________________________________