• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

allow/block some sites with timing

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> Access Policies >> allow/block some sites with timing Page: [1]
Login
Message << Older Topic   Newer Topic >>
allow/block some sites with timing - 8.Mar.2010 7:18:32 AM   
bicky

 

Posts: 53
Joined: 16.Nov.2006
Status: offline
Scenario:

I have 5 PCs

PC1
PC2
PC3
PC4
PC5

Following is the scenario i want to acheive:

1. I want internet access on all the PCs.
   Action: allow
   Protocols: all outbound traffic
   From: PC1, Pc2, PC3, PC4, PC5
   To: external

   
2. Sites like facebook.com, hi5.com should be blocked on all the PCs.
   Action: deny
   Protocols: all outbound traffic
   From: PC1, PC2, PC3, PC4, PC5
   To: myforbidden-sites (domain name sets with facebook.com & hi5.com)

  
3. Monday to Friday between 13:00 to 15:00 i want only wikipedia.org, answers.com to be accessible on PC1, PC2.
   Action: allow
   Protocols: all outbound traffic
   From: PC1, PC2
   To: myallow-sites (domain name sets with wikipedia.org & answers.com)
   Condition: myrestricted-hours (schedule created as Active on Monday to Friday 11:00 to 14:00 AND Inactive Monday to Friday 9:00 to 15:00 )



am i doing it in right-way, also in which order these rules should be?
Post #: 1
RE: allow/block some sites with timing - 9.Mar.2010 10:55:15 AM   
hrsanchez

 

Posts: 146
Joined: 30.Nov.2007
From: Argentina
Status: offline
Hi, Bicky,

Some considerations:

a) You have to change the rules order.
In the first place, the rule 2.
In the second place, the rule 3.
In the third place, the rule 1.

b) Do you want that pcs can access traffic with all protocols ?
It is preferible that you restricts traffic to only protocols needed. For example Http, https , and ftp.

c) If you have only five pcs and all are in Internal network you dont have to put all computers elements in the rule. You can make the rule from Internal network to External network.
regards,

Hector

_____________________________

Eng.Hector Sanchez
MCSE + Security 2000/2003
MCTS Isa 2004/Isa 2006

(in reply to bicky)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> Access Policies >> allow/block some sites with timing Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts