Solved

ISA Placement Question

Posted on 2006-10-20
8
203 Views
Last Modified: 2013-11-16
Currently we have an ISA server setup in a DMZ on a PIX 515.  It use to be a frontend for OWA, but now I would like to use it to monitor web use, and block websites that users shouldn't be using while at work.  I understand that in order for this to happen I will need to have the ISA between the PIX and the rest of the network, but we use our PIX for a Site to Site tunnel and I don't want to block traffic going through the tunnel to our servers on our network.  Any ideas on the best way to accomplish my goals?

Thanks
0
Comment
Question by:tfa8rva
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
8 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17775587
Are you using two nic's in the ISA (like an internal firewall) or just using it as a proxy device? Also, which version of ISA are you using?
0
 

Author Comment

by:tfa8rva
ID: 17775854
We are using ISA 2004, and more specificly V4.0.2163.213.  It has two nics, one going to the PIX and one going to the internal network, but currently it isn't being used for anything.
0
 
LVL 11

Accepted Solution

by:
prueconsulting earned 500 total points
ID: 17780525
Simply point web traffic towards the ISA internal NIC for monitoring web access . This can be done as simply as checking the proxy server box in your browser and pointing it to the ISA server .

0
Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17780642
I'll leave it to you then Prue. If the user still has an issue after you have finished I'll jump back in and go through the ISA side.
0
 

Author Comment

by:tfa8rva
ID: 17787921
Prue, I will give that a shot to see if it works.  Thanks.
0
 

Author Comment

by:tfa8rva
ID: 17789794
Thanks, that works.  I was making it out to be harder than it really was.
0
 
LVL 11

Expert Comment

by:prueconsulting
ID: 17789842
Glad to hear..
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17790425
Me too. Means I can leave the ISA qestions to someone else now and get on with some of the others :)
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question