Application blocking or filtering


Does anyone have a recommendation on how to block certain applications, or rather filter outbound protocols in MS ISA 2000? I know that my users are connecting to other services than HTTP and HTTPS through these allowed ports. Is it possible to filter that, or at least block the application through some third party solution for ISA?


Tomas Andersson
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

how about using a group policy within the organisation to stop the use of the programs...
Yes you can prevent outgoing protocols.  Make sure you have the protocol defined in the Protocol Definitions in the policy elements node.  Then simply create a Protocol Rule under Access Policy that denies any request using the protocol in question.  You are done!!!

For example, you want to block AOL Instant Messenger traffic from going out.  Here is how to do it.

1) Open the Protocol Rules under Access Policy node
2) Right click and choose Rule...
3) The wizard will ask you to name the rule.  Just give any name and click next.
4) On the rule action window, select deny and click next.
5) On the Protocols window, select "Selected Protocols" and at the bottom make a checkmark on the AOL Instant Messenger and click next
6) On the Schedule window, keep the always selection and click next.
7) On the Client type windows, select Any request and click next.
8) Click finish

Restart the firewall service.  Now all the outgoing AOL messenger traffic is blocked.
YMNORRAuthor Commented:
Well, I'm well familiar with access policies. The suggestion from Microtech is one that I've tried, but it's not the desired solution. I want to make sure that it is HTTP traffic on outgoing port 80 and HTTPS for port 443. Is there a way to do that? The users are very resourceful, they find their way around everything it seems ;-)

you need a Application Level Firewall aka Application Level Gateway aka Web Application Shield aka Application Proxy aka Adaptive Proxy aka ...
(sorry, there are lot of names arround, not my fault:)
Some traditional (network) firewalls support this also (I know of Checkpoint), but the support is limited or unacceptable 'cause of performance.

Are you prepared for $$$$$ (should not be a problem, 'cause you still have M$:-)), then a Application Level Firewall could do the trick. I don't know of any public tool, just some firewalls (as ISA too) have limited built-in facilities.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.