Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

How to block video and audio streaming in ISA 2006 but allow downloading video and audio

Posted on 2007-11-17
15
Medium Priority
?
9,111 Views
Last Modified: 2012-08-13
I have an ISA 2006 Front end fire wall on a windows 2003 system. I just want to block only the streaming of video and audio but allow users to download video and audio. I tried many rules on my ISA. Tried to block streaming protocols except http, tried by blocking content types and also tried to block by extensions. All of these rules simply block both streaming and downloading but not only streaming.

Can any one tell me a way around. I know that I can block it by ports but I am not sure which ports are to be blocked.
0
Comment
Question by:Zacharia Kurian
  • 4
  • 3
  • 3
  • +1
15 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 20308161
Open the ISA gui.
Select monitoring - logging - click on start query.

make a connection using whatever processes you see fit to download the 'things' you want to block.
What traffic, ports, protocols etc do you see in the log?
0
 
LVL 9

Author Comment

by:Zacharia Kurian
ID: 20311074
I don't think that I would be able to do what I want because when I did the logging I am getting http port 80 which I can't disable.I tried many video streaming and audio too. They all are giving me http port 80!
0
 
LVL 12

Expert Comment

by:sarangk_14
ID: 20313813
As far as I know, Microsoft Media Server (MMS) and Real-time streaming protocol (RTSP)  are two of the most popular protocols/services used for streaming Audio/Video over the Internet.
ISA Server 2006 includes filters for regulating both these protocols.

You may find the following useful:
http://www.microsoft.com/technet/isa/2006/application_filters.mspx
http://download.microsoft.com/download/7/a/d/7ad19879-0ca9-4541-890b-8c07887e02ae/ISA2004SE_wp_appfiltering.doc

Hope this helps. Comments/Suggestions/Corrections welcome.
0
Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 20583954
The asker has not responded to either section really. Drilling down into the monitor log shows the agent string being used by the applications. Of course they use port 80 - however, each application as a user agent (also known as an application signature) that will identify the flow. This is what is used to block the traffic.

Saran has also alluded to the option with his/her post also.

Not fussed on whether the question is closed or not but would agree on a delete -no-refund based on the asker responses so far. This is a common question and we know the solution works.

Keith
0
 
LVL 9

Accepted Solution

by:
Zacharia Kurian earned 0 total points
ID: 20588646
I found a better solution by installing GFI web monitor on my ISA 2006. I bought the software and now I can allow/block the streaming based on the User Account. I waited for a long time to get response to my last post and in desperate need I contacted the GFI and they gave me a solution. So I want this question to be closed and refund the points.
0
 
LVL 12

Expert Comment

by:sarangk_14
ID: 20588685
After seeing Zackur's comment, I would agree with keith as well.
As far as the comments are concerned, I had provided specific documents advising how to do things, and would like to point out that it was Zackur and not us who did not respond.

I would like to reiterate my stand that the question can be closed but would agree on a delete -no-refund based on the asker responses so far.
0
 
LVL 9

Author Comment

by:Zacharia Kurian
ID: 20589026
In the ISA related questions so far I found useful suggestions from keith_alabaster.

I did responded to most of his reviews and answers mostly in the ISA related doubts. Sometime I am sure that all of us do miss a response to some of the reviews/answers you get. This is what happened to me too.

At the same time "a rule is a rule" no matter what was the situation or the disposition of the user. So if you experts feel that my question has to be closed with out refunding- go ahead. I have no objection to it.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 20589303
Personal view - if the answer to the question, in this instance, is that you have installed GFI and job done then thats fine.  

Zackur, all we ask is that you respond to the posts made - if this was a valid oversight on your side then so be it, but lets try to keep those to a minimum. I note from your question history that you have quite a few open questions including a number that I closed for you myself due to non-response. What we do not want to end up with is a position whereby we don't even bother responding to your questions when they are posted as we assume the question will never complete.

Lets use this as a wake-up call - If the installation of GFI is your working solution then lets paq - refund in this case but I would hope not to see a repeat position ever again.

Keith
0
 
LVL 12

Expert Comment

by:sarangk_14
ID: 20589318
I'll second that.
0
 
LVL 9

Author Comment

by:Zacharia Kurian
ID: 20775078
just delete the question with out refunding my points
0
 
LVL 1

Expert Comment

by:Vee_Mod
ID: 20780627
Closed, 125 points refunded.
Vee_Mod
Community Support Moderator
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have been asked to explain on many, many occasions the correct way to setup network cards and DNS settings on ISA Server 2004, 2006 and forefront Threat management gateway (FTMG) and have willing done so. I have also promised my self everytime tha…
There are several problems reported according slow link speeds or poor performance in TMG 2010, UAG 2010 or ISA 2006. I want to collect here some of the common issues together to give a brief overview what can be the reason. Nevertheless, not all of…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…
Suggested Courses
Course of the Month11 days, 2 hours left to enroll

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question