How to Block Users from use proxie servers to get round ISA site blocking rule

Try www.proxblocks.com

Thanks how do i get this in to ISA.

You should be able to import lists.  If not txt files, email them to see if it comes in xml formatting as well.  Also check out www.isaserver.bm for Steve Moffet's block lists.

Could importing be similar to ISA 2004?  There's a little fluff at the beginning of this, but look about 8 paragraphs down:

http://www.isaserver.org/articles/2004domainseturlset.html

-LTCJ

On your external firewall, set a rule that only allows ftp, http & https traffic that comes from the ISA server ip address.

Putting in white/black lists will not help in the slightest - the whole point of the alternate proxy is that either they bypass the ISA completely OR they use SSL to tunnel through the ISA server therefore the whitelist/blacklist is ignored.

Keith
ISA MVP

Keith, I'm sure you know tons more about ISA than I do, but if users are required to go through his proxy, and they are going to permitted sites to get to blocked sites, you're saying it won't help to block those permitted sites?  I don't think he's saying they are changing thir proxy settings, just going to sites that allow users to type in an address to call up another site without going directly to that site.

Am I right, csilks?

LTCJ

Fair comment if they are using external proxies - :)

Yes they are using them to get round the the rules on ISA that block some sites.