troubleshooting Question

HTTPS vs ISA Server

Avatar of jkaios
jkaiosFlag for Marshall Islands asked on
Software FirewallsMicrosoft Forefront ISA ServerNetwork Security
29 Comments5 Solutions2339 ViewsLast Modified:
Hello experts!

I have created a [Filewal Policy] access rule in ISA Server 2004 to deny access to Facebook during working hours (9:00-11:00 and 13:00-17:00).  The rule works, except when users specifically enter "https://www.facebook.com" in the address bar of their browser.  This address exists in the firewall access rule, but somehow the ISA is not able to detect it.  The following are the URLs that are scheduled to be blocked at certain hours:

  1) *.facebook.com
  2) facebook.com
  3) www.facebook.com
  4) http://facebook.com
  5) http://www.facebook.com
  6) https://facebook.com
  7) https://www.facebook.com  <-- users are able to circumvent the rule by this.

I know that *.facebook.com would be enough, but for some reason the ISA doesn't always work as expected, which is why I had to explicitly enter all the other variances of Facebook.com.

Any expert advice?  Thanks in advance.
ASKER CERTIFIED SOLUTION
btanExec Consultant
Join our community to see this answer!
Unlock 5 Answers and 29 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 5 Answers and 29 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros