Solved

ISA 2004 access policy - URL Blocking

Posted on 2006-07-06
4
220 Views
Last Modified: 2010-04-09
I want to block all internet sites except these three.  I do have some people who will need full access.

www.dor.mo.gov   
www.google.com
www.CarFax.com
0
Comment
Question by:redvipergts
  • 3
4 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17056415
Going to need a lot more info:

What network template have you used to set up the ISA?
Have you installed the ISA client, SecureNAT or just web proxy?
Is the ISA connected to the domain?
Are you wanting to block by user name or IP?
If you are blocking all internet access except for those three web sites, how is dns, smtp etc going out to the internet?
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17079334
Any update?
0
 
LVL 1

Author Comment

by:redvipergts
ID: 17093055
Keith, the network template is edge firewall, I installed the firewall client, the plug-in that sits in the systray, the isa server is not connected to the domain so I guess we would he to block by IP ?

All I know is that the owner wants all employees to only go to three sites, but a few will still be wide open.

Any ideas ?
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 250 total points
ID: 17125447
Yes, by IP is your only option then.

You will need to create computer objects with the ip addresses of the users you want to allow.
You will need to create a url set with the three web sites you want to allow.

You will need two rules in this order.
One will be the allow all rule with the from being the computer objects you have created.
One will be the allow rule with the url set including the three allowed sites for all users.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now