Solved

How can I use ISA to block specific ports

Posted on 2006-07-10
3
337 Views
Last Modified: 2013-11-16
How can I use ISA to block specific ports that can be used by viruses and other unwanted applications.
0
Comment
Question by:eng_khalid101
3 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 125 total points
ID: 17077811
Thats a big question..... ISA is not an anti-virus product and doesn't pretend to be. For example, many 'unwanted' applications can use port 80  but it is highlu unlikely that you would want to block this port.

The best you can do is to define a system security policy on paper and then apply that policy with a good anti-virus package such as Sophos or such like. ISA will block all incoming traffic by default whilst allowing all outgoing traffic.

You can amend the default allow all protocols from internal to external by right-clicking the rule and selecting properties. Change the allowed protocols from all outbound to selected protocols and choose the ones you want to allow.

To protect against web applications etc, right click the allow rule and select configure http. Amend the content types etc as needed. (The configure httpis rule-specific so amendments here ONLY affect this one particular rule. If you have other Allow rules, you will need to configure the http/ftp/rpc for these also if you want the same restrictions to apply).)
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Static IP 5 81
Linksys LRT 224 forward 3 39
Using Windows Firewall to separate 2 networks on PC with dual NICS? 5 91
Which the best UTM recommended ? 2 69
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…

912 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now