Welcome to ISAserver.org

Blocking HTTP Downloads

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA Server 2000 Firewall] >> Firewall Client >> Blocking HTTP Downloads

Page: [1]

Message

<< Older Topic Newer Topic >>

Blocking HTTP Downloads - 5.Sep.2002 6:13:00 PM

tfgdayton

Posts: 16
Joined: 20.Feb.2001
From: Dayton, Oh, USA
Status: offline

I have ISA installed with the HTTP Redirector sending request to the webserver directly. I have all my clients except for some servers using the Firewall client with no settings configed in IE. I want to be able to use Site and Content Rules to block HTTP downloads based on content type. I have the following rules right now:

1. Allow rule that allows all
2. Deny rule based on the content and to the NT group Domain Users
3. Allow rule for Domain Admins that allows all

Any ideas?

Post #: 1

Featured Links*

RE: Blocking HTTP Downloads - 5.Sep.2002 9:38:00 PM

tshinder

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline

Hi TFG,

If you configure the HTTP Redirector to bypass the Web Proxy service, then Web Proxy based access controls won't apply. Always configure the clients as Web Proxy clients, then you'll get all you need.

HTH,
Tom

(in reply to tfgdayton)

Post #: 2

RE: Blocking HTTP Downloads - 5.Sep.2002 9:41:00 PM

tfgdayton

Posts: 16
Joined: 20.Feb.2001
From: Dayton, Oh, USA
Status: offline

okay but I want to use the firewall client so I can regulate who has access better via groups. I have disabled the HTTP redirector filter and the Site and content rules are working. Are there any downsides to doing this??

(in reply to tfgdayton)

Post #: 3

RE: Blocking HTTP Downloads - 10.Sep.2002 5:40:00 PM

tshinder

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline

Hi TFG,

If you configure the clients as Web Proxy clients, you'll have full user/group based authentication.

If you configure the HTTP Redirector to bypass the Web Proxy service, you'll have to make sure that you configure the Protocol Rule for user/group access, you'll also not be able to use the Web Proxy cache for firewall and secureNAT clients.

HTH,
Tom

(in reply to tfgdayton)

Post #: 4

RE: Blocking HTTP Downloads - 18.Apr.2003 6:13:00 PM

Meer

Posts: 1
Joined: 18.Apr.2003
From: Karachi, Pakistan
Status: offline

Hello,
I am having a similar problem. I have ISA installed in integerated mode. I have made protocol rules and it only serves authenticated users. The HTTP Redirecter is set to "Redirect to local Web Proxy Service" i have disabled FTP through the protocol rules and i have also disabled the FTP Access Filter but users are still downloading stuff using the HTTP download facility, and i am looking for some way to stop that.
Any Ideas.....?

Regards,
Nabeel

(in reply to tfgdayton)