Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How to block video and audio streaming in ISA 2006 but allow downloading video and audio

Posted on 2007-11-17
15
Medium Priority
?
9,060 Views
Last Modified: 2012-08-13
I have an ISA 2006 Front end fire wall on a windows 2003 system. I just want to block only the streaming of video and audio but allow users to download video and audio. I tried many rules on my ISA. Tried to block streaming protocols except http, tried by blocking content types and also tried to block by extensions. All of these rules simply block both streaming and downloading but not only streaming.

Can any one tell me a way around. I know that I can block it by ports but I am not sure which ports are to be blocked.
0
Comment
Question by:Zacharia Kurian
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 3
  • +1
15 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 20308161
Open the ISA gui.
Select monitoring - logging - click on start query.

make a connection using whatever processes you see fit to download the 'things' you want to block.
What traffic, ports, protocols etc do you see in the log?
0
 
LVL 9

Author Comment

by:Zacharia Kurian
ID: 20311074
I don't think that I would be able to do what I want because when I did the logging I am getting http port 80 which I can't disable.I tried many video streaming and audio too. They all are giving me http port 80!
0
 
LVL 12

Expert Comment

by:sarangk_14
ID: 20313813
As far as I know, Microsoft Media Server (MMS) and Real-time streaming protocol (RTSP)  are two of the most popular protocols/services used for streaming Audio/Video over the Internet.
ISA Server 2006 includes filters for regulating both these protocols.

You may find the following useful:
http://www.microsoft.com/technet/isa/2006/application_filters.mspx
http://download.microsoft.com/download/7/a/d/7ad19879-0ca9-4541-890b-8c07887e02ae/ISA2004SE_wp_appfiltering.doc

Hope this helps. Comments/Suggestions/Corrections welcome.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 20583954
The asker has not responded to either section really. Drilling down into the monitor log shows the agent string being used by the applications. Of course they use port 80 - however, each application as a user agent (also known as an application signature) that will identify the flow. This is what is used to block the traffic.

Saran has also alluded to the option with his/her post also.

Not fussed on whether the question is closed or not but would agree on a delete -no-refund based on the asker responses so far. This is a common question and we know the solution works.

Keith
0
 
LVL 9

Accepted Solution

by:
Zacharia Kurian earned 0 total points
ID: 20588646
I found a better solution by installing GFI web monitor on my ISA 2006. I bought the software and now I can allow/block the streaming based on the User Account. I waited for a long time to get response to my last post and in desperate need I contacted the GFI and they gave me a solution. So I want this question to be closed and refund the points.
0
 
LVL 12

Expert Comment

by:sarangk_14
ID: 20588685
After seeing Zackur's comment, I would agree with keith as well.
As far as the comments are concerned, I had provided specific documents advising how to do things, and would like to point out that it was Zackur and not us who did not respond.

I would like to reiterate my stand that the question can be closed but would agree on a delete -no-refund based on the asker responses so far.
0
 
LVL 9

Author Comment

by:Zacharia Kurian
ID: 20589026
In the ISA related questions so far I found useful suggestions from keith_alabaster.

I did responded to most of his reviews and answers mostly in the ISA related doubts. Sometime I am sure that all of us do miss a response to some of the reviews/answers you get. This is what happened to me too.

At the same time "a rule is a rule" no matter what was the situation or the disposition of the user. So if you experts feel that my question has to be closed with out refunding- go ahead. I have no objection to it.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 20589303
Personal view - if the answer to the question, in this instance, is that you have installed GFI and job done then thats fine.  

Zackur, all we ask is that you respond to the posts made - if this was a valid oversight on your side then so be it, but lets try to keep those to a minimum. I note from your question history that you have quite a few open questions including a number that I closed for you myself due to non-response. What we do not want to end up with is a position whereby we don't even bother responding to your questions when they are posted as we assume the question will never complete.

Lets use this as a wake-up call - If the installation of GFI is your working solution then lets paq - refund in this case but I would hope not to see a repeat position ever again.

Keith
0
 
LVL 12

Expert Comment

by:sarangk_14
ID: 20589318
I'll second that.
0
 
LVL 9

Author Comment

by:Zacharia Kurian
ID: 20775078
just delete the question with out refunding my points
0
 
LVL 1

Expert Comment

by:Vee_Mod
ID: 20780627
Closed, 125 points refunded.
Vee_Mod
Community Support Moderator
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
Microsoft's ISA Server has been its pre-eminent security product for about a decade and is still regarded amongst the well-informed as one of the best software firewalls and application gateways ever released, by any manufacturer. ISA Server has bee…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Suggested Courses

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question