Solved

stop download via ISA

Posted on 2009-04-06
3
631 Views
Last Modified: 2013-11-16
Hello, Can you tell me exactly how to stop all downloads via ISA but not stop normal browsing. Also is it possible via grouppolicy. THX.
0
Comment
Question by:prokopovra
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 14

Expert Comment

by:Raj-GT
ID: 24085207
You have to create a new firewall policy above your standard internet browsing policy in ISA to deny "Application" content type. It will require some level of tweaking to catch all downloads but it is possible.
0
 

Author Comment

by:prokopovra
ID: 24087523
Can you supply that step by step please, Thank you. Also Want to ask you about ISA 2006 , Is it possible to use DDNS services  on ISA server in 2 locations and open a branch to branch always open vpn tunnel for two workgroup networks and not AD , and will ISA work on workgroup networks with dhcp and dns. Thank you.
0
 
LVL 14

Accepted Solution

by:
Raj-GT earned 500 total points
ID: 24087771
To create an access rule...
Right-click Firewall Policy > New > Access Rule >  Type name > Select Deny > Selected protocol and add FTP, HTTP and HTTPS > from - select internal > destination - select external > keep All users or select the user group you want to restrict access to > Finish

Right-click the new access rule you created and select properties. Go to Content Types tab and select "Selected content types" radio button and check "Application" and "Compressed Files" > OK. Move this rule above your current internet access rule, and apply changes.

This should prevent your users from downloading most executables and compressed files from the internet.

As for the VPN question you can use DDNS names and create an L2TP VPN Tunnel between ISAs. The remote network doesn't have to be part of the domain.
0

Featured Post

Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft's ISA Server has been its pre-eminent security product for about a decade and is still regarded amongst the well-informed as one of the best software firewalls and application gateways ever released, by any manufacturer. ISA Server has bee…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question