We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now

x

ISA Placement Question

tfa8rva
tfa8rva asked
on
Medium Priority
218 Views
Last Modified: 2013-11-16
Currently we have an ISA server setup in a DMZ on a PIX 515.  It use to be a frontend for OWA, but now I would like to use it to monitor web use, and block websites that users shouldn't be using while at work.  I understand that in order for this to happen I will need to have the ISA between the PIX and the rest of the network, but we use our PIX for a Site to Site tunnel and I don't want to block traffic going through the tunnel to our servers on our network.  Any ideas on the best way to accomplish my goals?

Thanks
Comment
Watch Question

Keith AlabasterEnterprise Architect
CERTIFIED EXPERT
Top Expert 2008

Commented:
Are you using two nic's in the ISA (like an internal firewall) or just using it as a proxy device? Also, which version of ISA are you using?

Author

Commented:
We are using ISA 2004, and more specificly V4.0.2163.213.  It has two nics, one going to the PIX and one going to the internal network, but currently it isn't being used for anything.
Top Expert 2006
Commented:
Simply point web traffic towards the ISA internal NIC for monitoring web access . This can be done as simply as checking the proxy server box in your browser and pointing it to the ISA server .

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Keith AlabasterEnterprise Architect
CERTIFIED EXPERT
Top Expert 2008

Commented:
I'll leave it to you then Prue. If the user still has an issue after you have finished I'll jump back in and go through the ISA side.

Author

Commented:
Prue, I will give that a shot to see if it works.  Thanks.

Author

Commented:
Thanks, that works.  I was making it out to be harder than it really was.
Top Expert 2006

Commented:
Glad to hear..
Keith AlabasterEnterprise Architect
CERTIFIED EXPERT
Top Expert 2008

Commented:
Me too. Means I can leave the ISA qestions to someone else now and get on with some of the others :)
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.