Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

ISA 2000 configuration question running on 2003, with surfcontrol

Posted on 2003-11-13
5
Medium Priority
?
531 Views
Last Modified: 2013-11-16
I would like to know how to configure ISA 2000 to use proxy for all web request (and use surfcontrol to filter web content) but bridge all other TCP traffic.  
currently how I have it setup users can't publish front page updates and lots of other ports are blocked, I need all ports but 80 to be open and "tunneled".  
The ISA server is behind a firewall but adult/hate content filtering is a priority.  
I also have a Java application that is working but is to slow the way I have the system configured.
0
Comment
Question by:rrbigger
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 18

Accepted Solution

by:
chicagoan earned 500 total points
ID: 9745349
Start with http://support.microsoft.com/default.aspx?scid=kb;en-us;310129&sd=tech

Your best overall resource is http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/isa/deploy/isaentin.asp

An important consideration, you have to make sure that clients don't have another avenue of accessing the web.
If there are routes out of your network that circumvent the proxy server, a  knowledgable can change their default gateway or add static routes unless you block that traffic.  You might not want all of your traffic going through the ISA server, just your http traffic, depending on whether you intend to deploy VPNs and where, how capable your firewall is, how much traffic you have, what applications you have to support.

You'll have to configure the clients browsers so that the proxy server is the ISA Server computer.
The simplest way is to use an proxy script the users import into their browser.
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windowsserver2003/proddocs/entserver/cmak_ops_55.asp

>I need all ports but 80 to be open and "tunneled".  
really? kaaza, morpheus, winmx, IRC, messenger, netbios-ns, sql ???
There are some elements to being a good internet neighbor and not allowing certain traffic out and there are security opportunities here that you should take advantage of.
Depending on your router and firewall, you may want to implement some of your packet filtering on them as they might be a better platform.


 
0
 

Expert Comment

by:asgarali
ID: 9894717
hi rr

i would suggest you to browse thru this site it all about isaserver  http://www.isaserver.org/




stack
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The well known Cerber ransomware continues to spread this summer through spear phishing email campaigns targeting enterprises. Learn how it easily bypasses traditional defenses - and what you can do to protect your data.
Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…

664 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question