• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1003
  • Last Modified:

Whitelist based on workstation name for ISA server

Is there a way with ISA 2006 to create a whitelist of sites for specifically named workstations?  I work in an environment with back-room and retail operations.  Management would like the retail workstations to only have access to whitelist, but when the users work in the backoffice they can access any site.

I obviously cannot filter based on user id since the same user could be logging in on a workstation in the back office or up front.

Any help would be greatly appreciated
0
jeff4379
Asked:
jeff4379
  • 3
  • 2
1 Solution
 
Keith AlabasterCommented:
Certainly.

The rule needs to be above the normal allow outbound rules.
Highlight the firewall policy in te ISA gui.
Select the toolbox on the right-hand side of the screen (if you cannot see it, it may be hidden. Half-way down the right-hnd side of the screen you will see a grab-handle. Click it and the toolbox will open).
In here you can add new entities such as domain sets, url sets, subnet entities and computer objects.
Create a new outbound access rule with the protocols you want then add the URL sets you have created in the TO box and remove the ALL users group and add the computer objects that you have created.
0
 
jeff4379Author Commented:
Thanks, I'll give this a shot and report back!
0
 
jeff4379Author Commented:
Keith, it appears that when I want to add a computer it needs to have a static IP address (I assume this since it fills in the IP address)  Is my assumption wrong, and that ISA communicates with DHCP to determine when the workstation's IP address changes?

0
 
Keith AlabasterCommented:
This is correct - the way this is normally done is to se the reservations options within dhcp so that computer alway gets te same ip address. You put in the MAC address of the network card from the PC and stae the ip address that this MAC (nic) will aways get. Leave the nic on dhcp and all is well.....

No, ISA does not communicate with DHCP
0
 
Keith AlabasterCommented:
Thank you.

Sorry about the typing errors - my kids have dropped 'something' over my keyboard and all the keys keep stickng....

keith
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now