<div>
You have to create a new firewall policy above your standard internet browsing policy in ISA to deny &quot;Application&quot; content type. It will require some level of tweaking to catch all downloads but it is possible.
</div>


You have to create a new firewall policy above your standard internet browsing policy in ISA to deny "Application" content type. It will require some level of tweaking to catch all downloads but it is possible.

<div>
Can you supply that step by step please, Thank you. Also Want to ask you about ISA 2006 , Is it possible to use DDNS services &nbsp;on ISA server in 2 locations and open a branch to branch always open vpn tunnel for two workgroup networks and not AD , and will ISA work on workgroup networks with dhcp and dns. Thank you.
</div>


Can you supply that step by step please, Thank you. Also Want to ask you about ISA 2006 , Is it possible to use DDNS services  on ISA server in 2 locations and open a branch to branch always open vpn tunnel for two workgroup networks and not AD , and will ISA work on workgroup networks with dhcp and dns. Thank you.

<div>
<div class="content wysiwyg-content">
Hello, Can you tell me exactly how to stop all downloads via ISA but not stop normal browsing. Also is it possible via grouppolicy. THX.
</div>
</div>


Hello, Can you tell me exactly how to stop all downloads via ISA but not stop normal browsing. Also is it possible via grouppolicy. THX.

stop download via ISA

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Software Firewalls

Microsoft Forefront, formerly known as Internet Security and Acceleration Server (ISA Server), is a network router, firewall, antivirus program, VPN server and web cache that runs on Windows servers. It includes identity management and protection systems, and discontinued systems for threat management and network protection, along with protection for Sharepoint and Exchange. The scope of discussions includes forward and reverse proxy, application and service publishing, virtual private networks (VPNs), outbound access rules, SSL certificates and network routing within either a single node or an highly-available array pairing.