?
Solved

stop download via ISA

Posted on 2009-04-06
3
Medium Priority
?
633 Views
Last Modified: 2013-11-16
Hello, Can you tell me exactly how to stop all downloads via ISA but not stop normal browsing. Also is it possible via grouppolicy. THX.
0
Comment
Question by:prokopovra
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 14

Expert Comment

by:Raj-GT
ID: 24085207
You have to create a new firewall policy above your standard internet browsing policy in ISA to deny "Application" content type. It will require some level of tweaking to catch all downloads but it is possible.
0
 

Author Comment

by:prokopovra
ID: 24087523
Can you supply that step by step please, Thank you. Also Want to ask you about ISA 2006 , Is it possible to use DDNS services  on ISA server in 2 locations and open a branch to branch always open vpn tunnel for two workgroup networks and not AD , and will ISA work on workgroup networks with dhcp and dns. Thank you.
0
 
LVL 14

Accepted Solution

by:
Raj-GT earned 2000 total points
ID: 24087771
To create an access rule...
Right-click Firewall Policy > New > Access Rule >  Type name > Select Deny > Selected protocol and add FTP, HTTP and HTTPS > from - select internal > destination - select external > keep All users or select the user group you want to restrict access to > Finish

Right-click the new access rule you created and select properties. Go to Content Types tab and select "Selected content types" radio button and check "Application" and "Compressed Files" > OK. Move this rule above your current internet access rule, and apply changes.

This should prevent your users from downloading most executables and compressed files from the internet.

As for the VPN question you can use DDNS names and create an L2TP VPN Tunnel between ISAs. The remote network doesn't have to be part of the domain.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In all versions of ISA Server and the current version of FTMG, the default https protocol uses TCP port 443 and 563 only. This cannot be changed within the ISA or FTMG GUI and must be completed from a Windows cmd prompt on the ISA Server itself. …
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question