• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Question !!

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> HTTP Filtering >> Question !! Page: [1]
Login
Message << Older Topic   Newer Topic >>
Question !! - 8.Aug.2008 4:28:00 AM   
rashpal

 

Posts: 41
Joined: 27.Mar.2002
Status: offline
Hi to all,

I am testing ISA 2006 which is domain member and I would like to create firewall rule for scenario below.

Appreciate if somebody body can help me out.


Scenario:

I have two user, user A and User B.

User A will be able to use yahoo messenger but cannot download any EXE files.

User B will able to download EXE file but not able to use yahoo messenger.


Both users are domain users.



Thanks in advance for all the help.
Post #: 1
RE: Question !! - 8.Aug.2008 8:39:21 AM   
paulo.oliveira

 

Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,

you have to create two access rules:

quote:

User A will be able to use yahoo messenger but cannot download any EXE files.

Configure http filter to block executable files or just the .exe extension. To do that right click on the access rule, choose Configure HTTP Filter. On General tab you can mark Block reponses containing Windows executable content.
Or go to the Extensions tab and choose Block specified extension (allow all others). Add the exetension you want to block.

quote:

User B will able to download EXE file but not able to use yahoo messenger.

Use the http filter to block yahoo messenger signature.
Search in: Request headers
HTTP header: Host
Pattern: msg.yahoo.com

Regards,
Paulo Oliveira.

(in reply to rashpal)
Post #: 2
RE: Question !! - 8.Aug.2008 8:44:13 AM   
gbarnas

 

Posts: 155
Joined: 27.Apr.2005
From: New Jersey
Status: offline
Pretty basic - you create 3 access rules
for Yahoo IM, Access is by a domain group "YIM Users"
for web (http, etc), Access is by domain group "EXE Downloaders"
for web (http, etc); enable the filter to block EXE, Access is either All Users or Authenticated Users, depending on your needs

User A is a member of "YIM Users" group
User B is a member of "EXE Downloaders" group

You'll need to define the proper protocols for Y! Messenger access, as they aren't in ISA by default.

The idea is that you permit specific traffic for specific user groups, then permit traffic for larger groups, then for all groups, then deny everything else - rules are defined most to least specific.

Glenn


(in reply to rashpal)
Post #: 3
RE: Question !! - 12.Aug.2008 9:49:35 PM   
rashpal

 

Posts: 41
Joined: 27.Mar.2002
Status: offline
Works like charm and thanks again for helping.

(in reply to gbarnas)
Post #: 4
RE: Question !! - 13.Aug.2008 8:12:03 AM   
paulo.oliveira

 

Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,

no problem. Just glad to help.

Regards,
Paulo Oliveira.

(in reply to rashpal)
Post #: 5

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> HTTP Filtering >> Question !! Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts