I inherited an ISA Server 2004 in a single adaptor configuration and have 2 related problems
1. Company policy does not allow me to enforce all traffic through ISA and therefore logged traffic but I suddenly have large amounts of download traffic per day I need to identify. Our ISP cannot help due to privacy policies?? and as a managed service I have no admin access to the router to try and identify the traffic/user. Any ideas how to easily trace this? Of course I would love to have ISA set up with 2 nics to solve this but I am not permitted to make that change.
2. The hole above is created by laptop users who needed to be able to change proxy settings for when they are in the field and somewhere in the past they were loaded with Firefox to bypass Group Policy proxy locks on IE and given the direct router address which of course they now use instead of the proxy when they are in the office, otherwise all other users are proxy locked by Group Policy.
How can I proxy block them so they cannot change it in the office but allow them to modify it away from the office and can this be done with Firefox?
As I am not that familiar with ISA, any and all suggestions valued