Solved

restricting internet access with ISA 2006

Posted on 2009-05-20
Last Modified: 2012-05-07
We are running ISA 2006 on a Windows 2003 server.

I am trying to restrict some users to access certain websites only.
I have created access rules for this, but it is not working:

Order  Name                    Action  Protocols             From/Listener          To                Condition
1      block restricted users  allow   all outbound traffic  internal, CPN Clients  websites allowed  locked users
2      block restricted users  deny    all outbound traffic  internal, CPN Clients  External          locked users



Users can still go to any other website. Please let me know how I can fix this.
Question by:winperez

Expert Comment

by:Bembi
I assume that "locked users" is a domain group with your locked-down users?

This works as long as you have put ISA as proxy into your browser proxy settings. Therefore your clients act as web-proxy clients. If no browser proxy settings are set, the clients act as SecureNAT clients and take no notice of the user group setting.

Expert Comment

by:Raj-GT
Also, you can disable Rule 1 and just use Rule 2 with "websites allowed" added under the exceptions list in the To tab.

Expert Comment

by:bateg
Can you please explain your infrastructure:

- Is your ISA working as unihomed with one NIC card, or with 2 NIC cards in which one is internal and the other is external (connected to the internet)?

- Is ISA joined to the domain or working in a workgroup?

Regards,
bateg


Author Comment

by:winperez
Thanks guys,

I was able to correct the problem. I just needed to create an extra protocol for port 8080 and deny users.

Expert Comment

by:Bembi
Port 8080 is usually used for the web proxy client.
The default deny rule will usually block all traffic by default as long as there is no rule which allows it again.

Note that rules are accessed in their order. The first rule which allows access will handle the traffic.

Accepted Solution

by: bateg (earned 500 total points)
Also, be careful with the arrangement of the deny and allow rules.

i.e.: if you give all users allow access to browse facebook.com and under it another rule says that user X cannot access firewall.

The result is that user X will access facebook. That is because ISA Server reads the rules one by one, and when it finds a rule that meets its category it stops reading the others.
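
The first-match ordering described in this answer can be checked offline with a small model. The following is an added example, not part of the original thread and not ISA Server's own rule engine: the `Rule` fields, the `evaluate` and `shadowed` helpers, and the sample rule sets are hypothetical, and it assumes the deny rule for user X targets facebook.com.

```python
from dataclasses import dataclass

ANY = "*"  # wildcard: every user / every destination (modelling assumption)

@dataclass(frozen=True)
class Rule:
    order: int
    name: str
    action: str        # "allow" or "deny"
    users: frozenset   # user names, or {ANY}
    dests: frozenset   # destination hosts, or {ANY}

def rule(order, name, action, users, dests):
    return Rule(order, name, action, frozenset(users), frozenset(dests))

def _covers(rule_set, value):
    return ANY in rule_set or value in rule_set

def evaluate(rules, user, dest):
    """Return (action, rule name) of the first rule that matches the request."""
    for r in sorted(rules, key=lambda r: r.order):
        if _covers(r.users, user) and _covers(r.dests, dest):
            return r.action, r.name
    return "deny", "default deny"  # nothing matched: fall through to deny

def shadowed(rules):
    """List (rule, earlier rule) pairs where the later rule can never fire."""
    ordered = sorted(rules, key=lambda r: r.order)
    hits = []
    for i, late in enumerate(ordered):
        for early in ordered[:i]:
            users_ok = ANY in early.users or late.users <= early.users
            dests_ok = ANY in early.dests or late.dests <= early.dests
            if users_ok and dests_ok:
                hits.append((late.name, early.name))
                break
    return hits

# Constructed rule sets based on the facebook.com example in the answer above.
WRONG_ORDER = [
    rule(1, "all users to facebook", "allow", {ANY}, {"facebook.com"}),
    rule(2, "block user X", "deny", {"userX"}, {"facebook.com"}),
]
RIGHT_ORDER = [
    rule(1, "block user X", "deny", {"userX"}, {"facebook.com"}),
    rule(2, "all users to facebook", "allow", {ANY}, {"facebook.com"}),
]

if __name__ == "__main__":
    for label, rs in (("wrong order", WRONG_ORDER), ("right order", RIGHT_ORDER)):
        print(label, evaluate(rs, "userX", "facebook.com"), shadowed(rs))
```

A non-empty result from `shadowed` means a rule sits below a broader rule and will never be reached, which is the situation the answer warns about.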
