?
Solved

stop download via ISA

Posted on 2009-04-06
3
Medium Priority
?
635 Views
Last Modified: 2013-11-16
Hello, Can you tell me exactly how to stop all downloads via ISA but not stop normal browsing. Also is it possible via grouppolicy. THX.
0
Comment
Question by:prokopovra
  • 2
3 Comments
 
LVL 15

Expert Comment

by:Raj-GT
ID: 24085207
You have to create a new firewall policy above your standard internet browsing policy in ISA to deny "Application" content type. It will require some level of tweaking to catch all downloads but it is possible.
0
 

Author Comment

by:prokopovra
ID: 24087523
Can you supply that step by step please, Thank you. Also Want to ask you about ISA 2006 , Is it possible to use DDNS services  on ISA server in 2 locations and open a branch to branch always open vpn tunnel for two workgroup networks and not AD , and will ISA work on workgroup networks with dhcp and dns. Thank you.
0
 
LVL 15

Accepted Solution

by:
Raj-GT earned 2000 total points
ID: 24087771
To create an access rule...
Right-click Firewall Policy > New > Access Rule >  Type name > Select Deny > Selected protocol and add FTP, HTTP and HTTPS > from - select internal > destination - select external > keep All users or select the user group you want to restrict access to > Finish

Right-click the new access rule you created and select properties. Go to Content Types tab and select "Selected content types" radio button and check "Application" and "Compressed Files" > OK. Move this rule above your current internet access rule, and apply changes.

This should prevent your users from downloading most executables and compressed files from the internet.

As for the VPN question you can use DDNS names and create an L2TP VPN Tunnel between ISAs. The remote network doesn't have to be part of the domain.
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are three types of ISA client that can be configured - these can be individual clients or multiples of a client on each PC or server SecureNAT. A SecureNAT client for ISA server is a client machine, work station or server, that has its defa…
Forefront is the brand name for Microsoft's major security product. Forefront covers a number of specific security areas and has 'swallowed' a number of applications under this umbrella including Antigen, ISA Server, the Integrated Access Gateway (t…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses
Course of the Month15 days, 12 hours left to enroll

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question