• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 638
  • Last Modified:

stop download via ISA

Hello, Can you tell me exactly how to stop all downloads via ISA but not stop normal browsing. Also is it possible via grouppolicy. THX.
0
prokopovra
Asked:
prokopovra
  • 2
1 Solution
 
Raj-GTSystems EngineerCommented:
You have to create a new firewall policy above your standard internet browsing policy in ISA to deny "Application" content type. It will require some level of tweaking to catch all downloads but it is possible.
0
 
prokopovraAuthor Commented:
Can you supply that step by step please, Thank you. Also Want to ask you about ISA 2006 , Is it possible to use DDNS services  on ISA server in 2 locations and open a branch to branch always open vpn tunnel for two workgroup networks and not AD , and will ISA work on workgroup networks with dhcp and dns. Thank you.
0
 
Raj-GTSystems EngineerCommented:
To create an access rule...
Right-click Firewall Policy > New > Access Rule >  Type name > Select Deny > Selected protocol and add FTP, HTTP and HTTPS > from - select internal > destination - select external > keep All users or select the user group you want to restrict access to > Finish

Right-click the new access rule you created and select properties. Go to Content Types tab and select "Selected content types" radio button and check "Application" and "Compressed Files" > OK. Move this rule above your current internet access rule, and apply changes.

This should prevent your users from downloading most executables and compressed files from the internet.

As for the VPN question you can use DDNS names and create an L2TP VPN Tunnel between ISAs. The remote network doesn't have to be part of the domain.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now