From: Saudi Arabia
Hi all, I have an ISA Server 2000 for my local network and operating system used is win 2000 Server & professional & win xp professional. Each pc have Symantec Antivirus (up-to-date)and Microsoft Anti-Spyware (up-to-date).The bandwidth rule is set as default on ISA Server (inbound=100 & outbound=100).The problem is that some times network user get internet speed deadly slow. After generating reports, I observe that some user are using very high bandwidth. Then i check that users and i see after scanning that they have spyies and trojans. I put all PC at daily scheduale scanning. But still some times internet get deadly slow and nobody can browse internet. And when i visit any site from ISA Server browser, it open very fast. Can anyone guide me how can i provide users a fine internet speed. I purchased 256Kbps DSL line from ISP and I have approximately 100 user behind ISA Server. Can i configure bandwidth rule as per user. So each user will get restricted bandwidth. Or Internet is slow because of some other broblem. Note:::Now a days when my internet get slow, i restart ISA server and internet get fine. Please someone guide to some professional way. Solution need very urgent and will highly appretiated.
There are true bandwidth control software solutions you can purchase from companies like digirain etc this will help you regulate bandwidth on the ISA server the native ISA bandwidth control work in some solutions but my faith is better vested with a third party product.
Dear Masir, Another solution for this problem would be installing FreeBSD with Dummynet.it is completely free and very easy to set and manage BW quotas. But you need a plan to place BSD machine beside your ISA2k4. Thank you
Even with a bandwidth controller internet request will still be slow for your users. A 256kbps connect won't be enough for a 100 users environment. I would suggest instead of investing money into a bandwidth controller, boost you dsl connect to the highest available and configure a caching only dns on the isa server.
While bandwidth management is prudent, i think we have forgotten the issue that masair raised. His concern was that he is probably getting his pipe sucked up by spyware and trojans.
You have to choose what to control, either the internet or your internal environment. Stop the the end-user reign and take charge of your internal environment. The antispyware is part of it but above all most of the malware that installs on your computer is because the users have rights that are not commensurate with their surfing ettiquette. One of the things that you wanna be sure is that only admins have admin rights - fully implement active directory and make sure priviliges are commensurate with user roles!
Implement a good virus solution (forget the free antivirus software) - one is meant for networks and not standalone.
Implement ISA's Message Screener and kill all those attachments that are executing on your clients. Now you are incharge!!
When you are done with these, you probably won't want to know who's using what bandwidth, but if you still are interested, read all the good advise below
Hi I would like to find out how to block skype port on my serve using ISA 2004. any ideas on how to block the skype port 36013? How do I create an array rule to block this port so that skype does not run?