• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Your Opinions

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> Access Policies >> Your Opinions Page: [1]
Login
Message << Older Topic   Newer Topic >>
Your Opinions - 21.Jan.2007 10:01:43 AM   
bradyb

 

Posts: 11
Joined: 30.Dec.2006
Status: offline
Hi all,

I have just installed ISA 2006 onto our firewall machine and am about to do a restrucure of firewall policies. I just wanted to get your opinions as to what would be most secure and efficient.

There are two user groups, Restricted Users and Admin Users. Restricted users are not allowed to access specific domains/URLs, and they are restricted by a schedule. Admin users have virtually 'unrestricted' access to the internet, all domains, all URLS, 24/7 - no schedule.

For arguments sake 'unrestricted' is not fully what it is. ALL users can only access HTTP, HTTPS, POP3, POP3S, SMPT, SMPTS, PING, FTP and a few other custom defined ports for various business systems. In our MIS departments eyes, this is to prevent applications such as Limewire or Torrent programs running.

Is it just the easiest to create two rules, one for Restricted Users and one for Admin Users? Also would you recommend a rule for all users for DNS traffic from Internal to External and External to Internal and a rule for DNS request/reply from all networks to the DHCP server and vice versa?

Cheers
Brady.
Post #: 1
RE: Your Opinions - 28.Jan.2007 12:17:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Brady,

You can create two rules, one for each group.

As for DNS traffic, allow it only for hosts requiring it.

HTH,
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to bradyb)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> Access Policies >> Your Opinions Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts