Hi, I am using ISA SERVER 2006.I want to block a pool of Computer set so that they does't access facebook web site. Currently I have only one rule in ISA to run my clients computers i.e internet to External.
To block pool of ip address from Facebook I try to help from this artical "Using ISA 2004 Firewall Domain Name Sets to Control Internet Access by : Thomas Shinder and Printable Version"
In my ISA server under "From/Listener" I give the computer set and To "Forbidden sites" Apply it but still the users can access face book and youtube. please help me how can I do it? thanks mypass
Are your user's using tunnel or proxy sites to access fobidden sites filtered by ISA server?
If they are, then create a rule to block those tunnel or proxy sites or you may use a third party progam like GFI Webmonitor.
If not, your deny rule for those specific sites must come first b4 you allow your users to access the internet.
Example:
You can insert this rule if your users are using proxy sites...
Rule: Optional Access Name: Block Proxy Sites Action: Deny Protocols: HTTP, HTTPS Listener: Internal To: Block Proxy Sites - this is a Domain Name Sets - add the proxy, tunnel sites you want to block here) Users: All
Rule 1 Access Name : Block Specific Sites Action : Deny Protocols: HTTP, HTTPS Listener : Computer1,Computer 2, Computer 3, etc... To/Destination: Block Sites - this is a Domain Name Sets - add the sites you want to block here) User: All Users
Where: Computer1, Computer2, etc. are set of computers you want to deny of browsing those sites. Block Sites, Block Proxy Sites are Domane Name Sets that defined those specific sites you want to block.
Rule 2: Access Name : Internet Access Action : Allow Protocols: HTTP, HTTPS Listener : Internal To/Destination: External User: All Users
Best regards,
HotIce
< Message edited by HotIce -- 3.Feb.2011 9:58:43 PM >
Hello, Could I use HTTP signatures to block facebook, but specially, to prevent users from accessing sex pages, with the word "sex" , this is, with key words ? .