Solved

How can I use ISA to block specific ports

Posted on 2006-07-10
3
341 Views
Last Modified: 2013-11-16
How can I use ISA to block specific ports that can be used by viruses and other unwanted applications.
0
Comment
Question by:eng_khalid101
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 125 total points
ID: 17077811
Thats a big question..... ISA is not an anti-virus product and doesn't pretend to be. For example, many 'unwanted' applications can use port 80  but it is highlu unlikely that you would want to block this port.

The best you can do is to define a system security policy on paper and then apply that policy with a good anti-virus package such as Sophos or such like. ISA will block all incoming traffic by default whilst allowing all outgoing traffic.

You can amend the default allow all protocols from internal to external by right-clicking the rule and selecting properties. Change the allowed protocols from all outbound to selected protocols and choose the ones you want to allow.

To protect against web applications etc, right click the allow rule and select configure http. Amend the content types etc as needed. (The configure httpis rule-specific so amendments here ONLY affect this one particular rule. If you have other Allow rules, you will need to configure the http/ftp/rpc for these also if you want the same restrictions to apply).)
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question