Solved

ISA 2004 access policy - URL Blocking

Posted on 2006-07-06
4
251 Views
Last Modified: 2010-04-09
I want to block all internet sites except these three.  I do have some people who will need full access.

www.dor.mo.gov   
www.google.com
www.CarFax.com
0
Comment
Question by:redvipergts
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17056415
Going to need a lot more info:

What network template have you used to set up the ISA?
Have you installed the ISA client, SecureNAT or just web proxy?
Is the ISA connected to the domain?
Are you wanting to block by user name or IP?
If you are blocking all internet access except for those three web sites, how is dns, smtp etc going out to the internet?
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17079334
Any update?
0
 
LVL 1

Author Comment

by:redvipergts
ID: 17093055
Keith, the network template is edge firewall, I installed the firewall client, the plug-in that sits in the systray, the isa server is not connected to the domain so I guess we would he to block by IP ?

All I know is that the owner wants all employees to only go to three sites, but a few will still be wide open.

Any ideas ?
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 250 total points
ID: 17125447
Yes, by IP is your only option then.

You will need to create computer objects with the ip addresses of the users you want to allow.
You will need to create a url set with the three web sites you want to allow.

You will need two rules in this order.
One will be the allow all rule with the from being the computer objects you have created.
One will be the allow rule with the url set including the three allowed sites for all users.
0

Featured Post

Enroll in June's Course of the Month

June’s Course of the Month is now available! Experts Exchange’s Premium Members, Team Accounts, and Qualified Experts have access to a complimentary course each month as part of their membership—an extra way to sharpen your skills and increase training.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question