Application blocking or filtering

Posted on 2004-11-24
Last Modified: 2010-04-08

Does anyone have a recommendation on how to block certain applications, or rather filter outbound protocols in MS ISA 2000? I know that my users are connecting to services other than HTTP and HTTPS through these allowed ports. Is it possible to filter that, or at least block the application through some third-party solution for ISA?


Tomas Andersson
Question by:YMNORR
    LVL 17

    Expert Comment

    How about using a group policy within the organisation to stop the use of the programs...
    LVL 2

    Expert Comment

    Yes you can prevent outgoing protocols.  Make sure you have the protocol defined in the Protocol Definitions in the policy elements node.  Then simply create a Protocol Rule under Access Policy that denies any request using the protocol in question.  You are done!!!

    For example, you want to block AOL Instant Messenger traffic from going out.  Here is how to do it.

    1) Open the Protocol Rules under Access Policy node
    2) Right click and choose Rule...
    3) The wizard will ask you to name the rule.  Just give any name and click next.
    4) On the rule action window, select deny and click next.
    5) On the Protocols window, select "Selected Protocols" and at the bottom put a checkmark on AOL Instant Messenger and click next.
    6) On the Schedule window, keep the always selection and click next.
    7) On the Client type window, select Any request and click next.
    8) Click finish

    Restart the firewall service.  Now all the outgoing AOL messenger traffic is blocked.
    LVL 1

    Author Comment

    Well, I'm well familiar with access policies. The suggestion from Microtech is one that I've tried, but it's not the desired solution. I want to make sure that it is HTTP traffic on outgoing port 80 and HTTPS for port 443. Is there a way to do that? The users are very resourceful, they find their way around everything it seems ;-)

    LVL 51

    Accepted Solution

    You need an Application Level Firewall aka Application Level Gateway aka Web Application Shield aka Application Proxy aka Adaptive Proxy aka ...
    (sorry, there are a lot of names around, not my fault:)
    Some traditional (network) firewalls support this also (I know of Checkpoint), but the support is limited or unacceptable 'cause of performance.

    Are you prepared for $$$$$ (should not be a problem, 'cause you still have M$:-)), then an Application Level Firewall could do the trick. I don't know of any public tool, just some firewalls (as ISA too) have limited built-in facilities.
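
The application-level check discussed in this thread (confirming that port 80 carries HTTP and port 443 carries a TLS handshake) sketched as an added example; it is not code from the thread or from ISA Server. The function names and sample payloads are constructed for illustration, and the checks look only at the first bytes of a client's outbound stream.

```python
import re

# HTTP/1.x request line: METHOD SP request-target SP HTTP-version CRLF
HTTP_REQUEST_LINE = re.compile(rb"^[A-Z]{3,16} [\x21-\x7e]+ HTTP/1\.[01]\r\n")


def looks_like_http(first_bytes: bytes) -> bool:
    """True if the stream opens with a well-formed HTTP/1.x request line."""
    return HTTP_REQUEST_LINE.match(first_bytes) is not None


def looks_like_tls_client_hello(first_bytes: bytes) -> bool:
    """True if the stream opens with a TLS record carrying a ClientHello.

    Record header: content type (1 byte), version (2), length (2),
    followed by the handshake message type. SSLv2-format hellos are
    not recognised by this check.
    """
    if len(first_bytes) < 6:
        return False
    content_type, major, minor = first_bytes[0], first_bytes[1], first_bytes[2]
    record_len = int.from_bytes(first_bytes[3:5], "big")
    return (
        content_type == 0x16            # handshake record
        and major == 0x03 and minor <= 0x04
        and 0 < record_len <= 16384     # maximum plaintext record size
        and first_bytes[5] == 0x01      # ClientHello
    )


# Which protocol each allowed outbound port is expected to carry.
EXPECTED = {80: looks_like_http, 443: looks_like_tls_client_hello}


def verdict(dst_port: int, first_bytes: bytes) -> str:
    """Return "allow" only when the payload matches the port's protocol."""
    check = EXPECTED.get(dst_port)
    if check is None:
        return "deny"                   # port is not in the allowed set
    return "allow" if check(first_bytes) else "deny"


# Constructed sample payloads (not captured traffic).
HTTP_GET = b"GET /index.html HTTP/1.1\r\nHost: example.com\r\n\r\n"
TLS_HELLO = bytes.fromhex("16030100c8010000c40303") + bytes(32)
OPAQUE = b"\x2a\x01\x00\x01\x00\x04\x00\x00\x00\x01"   # arbitrary binary framing
```

A first-bytes check like this only stops protocols that do not speak HTTP or TLS at all; traffic tunnelled inside well-formed HTTP or an established TLS session needs the deeper inspection an application-level gateway provides.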
