I have created a [Filewal Policy] access rule in ISA Server 2004 to deny access to Facebook during working hours (9:00-11:00 and 13:00-17:00). The rule works, except when users specifically enter "https://www.facebook.com
in the address bar of their browser. This address exists in the firewall access rule, but somehow the ISA is not able to detect it. The following are the URLs that are scheduled to be blocked at certain hours:
7) https://www.facebook.com <-- users are able to circumvent the rule by this.
I know that *.facebook.com
would be enough, but for some reason the ISA doesn't always work as expected, which is why I had to explicitly enter all the other variances of Facebook.com.
Any expert advice? Thanks in advance.