I have tried 3 and 4 times to block https sites but i will not be able to block https sites by ISA Server 2006. I think i don't know the exact way to block https. Can some help me in this regards.
For example, i am trying to block www.gmail.com and after puting this in ISA Server 2006 > Firewall > URL Set and put this in block category. Users can not open http://www.gmail.com but they can access this by this link https://www.gmail.com. How can i block https in this regards.
How is your client access based? Are they using the firewall client?
The problem I have with SSL on ISA is that if you are not using the firewall client then the user establishes a session with the WebSite independent of the ISA (not really independent, but ISA cannot filter the traffic). If it is on port 80 the traffic can be read by ISA and the firewall rules apply. If they connect on 443 the traffic is encrypted for server to client (google to user PC) and the ISA only sees the IP address of the server, not the hostname. In this scenario you will have to block the IP addresses of those sites (Which will probably break many other sites as well).
If you use the firewall client on the user computers then the encrypted session is between the ISA server and the Web server. ISA then passes the traffic to the client. Since ISA initiates the session it will decrypt the traffic read the host header and deny access by your rule.
I don't know of any whay in ISA to block SSL traffic if you are not using the Firewall Client. If there is, please let me know.
I could be wrong but that is how I understand ISA functions.