• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 229
  • Last Modified:

Monitoring Users and Blocking downloads in ISA 2004 firewall

Hi there,

I am network administrator. I am running windows 2003 domain . I have also installed ISA 2004 with service pack2 on windows 2003 server in workgroup mode. My domain users access web and other internet stuff through ISA. This is working fine. I have not installed any isa firewall client on workstations, they are running in secureNAt mode.

My question is How can I monitor my users internet activity e.g. http, ftp, downloads. The idea is to control the bandwidth usage.  Also let me khow if there is any way to block the downloads through ISA 2004.

there are some third party tools on internet which carry out this function , but I am not sure about the security and stability of my current firewall.

Please help me to provide the solution of this query.


  • 3
1 Solution
Keith AlabasterEnterprise ArchitectCommented:
As your work stations are configured for SecureNAT, I'll assume you have two nics in your server and you are in Firewall mode, not Proxy mode.

1. Have you configured the reports within ISA server?
click on monitoring - reports.
open the toolbox on the right-hand side abd create a report. Use the run now to get a report straightout or schedule them for nightly/weekly/monthly etc.
depending on whether the users have to authenticate to ISA or not will decide on whether you get full user names listed. Obviously, without being in a domain, you will not have AD or anything to hold names etc.

2. ISA does not control bandwidth, it simply reports on it.

3. yes, you can block downloads to various levels.
Double-click your outbound rule(s) and select content-types.
the Application content type (marked as application/*) should cover downloads.
Choose selected protocols only and tick all but application.

ssave the policy and give it a try. Make sure that there is no rule above this one which might allow the downlaods still.

GlobrinAuthor Commented:
I will try and get back to you.

Keith AlabasterEnterprise ArchitectCommented:
Keith AlabasterEnterprise ArchitectCommented:
Thanks Globrin.


Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now