The thing is that some of the applications like Adobe Acrobat are trying to access on a regular bases the internet using the settings from IE. I did what tshinder suggested me to allow only http and to configure the http redirector to drop request from firewall and secureNAT clients but it seems that it is not working. I also create in the firewall client mspclnt.ini file to add something like [acrord32] Disable=1 it didn't work as well.It means to me that these applications are not using winsock for having connections. Does anybody know how to block some applications that are using IE settings from ISA side to connect to the internet ... something like allow only Mozilla/4.0 c-agent for having connections to the internet ? Regards, Costi
Hello Tshinder, Whenever i am seeing Adobe Acrobat or others applications in the ISA log it meens to me that still those applic are trying to access some update sites, the problem is that in the client side those applic are in a wait state and are not working untill they are getting something or timeout. Adobe Acrobat it is one exemple but i have a plenty of applic that are doing the same thing. Also to block those sites that are accessed by these applic it's a good ideea but you have to know those sites. I was wondering whether there is a more professional way to do it, maybe i miss something. Can you please give me a clue ? Thanx in advance Costi
Most of these applications can be configured not to check the Internet, but many of them have spyware/scumware, and the only way to know about them is to study your log files and block the sites. You can also use the Firewall client and the mspclnt.ini file to block these too, but I find Site and Content Rules the easiest way to do it.