|
pwindell -> RE: Ports blocking (28.May2008 12:38:47 PM)
|
Everything is blocked by default.
Don't go out of your way to allow something and it won't be allowed.
Moral or the story,...don't have any "Allow everything for everybody" rules.
If you only allow them to use HTTP/HTTPS/FTP than that is all they will get. Hoever some video/audio stuff may run over specifically HTTP, so that is a problem. You would have to work with Signatures to deal with that.
Here are some links for signatures, but they are not all. You can search the Internet and find more, but this will get you started. ISA2006 still does this the same as 2004.
Common Application Signatures
http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/commonapplicationsignatures.mspx
HTTP Filtering in ISA Server 2004
http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/httpfiltering.mspx
|
|
|
|