
Firewall Policy

Firewall Policy - 8.Jun.2010 11:23:02 AM   


Posts: 3
Joined: 7.Jun.2010
Hello Guys.
I'm very new to ISA Server. At my job there was a guy who managed the servers and now he is gone, so I'm trying to understand how the system works here. We have ISA 2004, and in the firewall policy I can see a lot of rules, but to me it is a mess or there is no order.
I want somebody to give me an idea about the order of the rules or which basic rules are missing or are not necessary. The rules we have are:

Firewall Policy                 Action   Protocols
1. McAfee                       Allow    All outbound traffic
2. Block pages                  Deny     HTTP, HTTPS, HTTPS Server
3. Internet Full Access         Allow    DNS, DNS Server, HTTP, HTTPS, HTTPS Server, OWA CB, Port 995, Port 81
4. our domain name (Internal)   Allow    DNS, DNS Server, HTTP, HTTPS, HTTPS Server, Port 995, Port 81
5. WEB                          Allow    HTTP
6. DNS Server                   Allow    DNS, HTTP, HTTPS
7. OWA                          Allow    HTTP
8. Internal Services            Allow    All outbound traffic
9. W32.conficker                Deny     W32.conficker
10. Outbound DNS                Allow    DNS
11. Port 81                     Allow    OWA CB, Port 81

Post #: 1
RE: Firewall Policy - 14.Jun.2010 6:00:06 PM   


Posts: 2244
Joined: 12.Apr.2004
From: Taylorville, IL
Move the 10. Outbound DNS to the top of the list.  Edit the "From" so that only the Domain controllers are allowed to make outbound DNS queries.

Remove 6. DNS Server
Remove the DNS Protocol from all other Rules

Add the ISP's DNS or whatever external DNS you are using to the Forwarders List in the DNS Service Config on the Domain Controllers.
Point all machines (ALL) DNS settings to the Domain Controllers.

The 9. W32.conficker is probably pointless.

11. Port 81 does not make any sense to me at all.


Phillip Windell

(in reply to jcastroalfar)
Post #: 2
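
A check of the posted rule list against the DNS advice in the reply, as an added example that is not part of either post. The rule table is retyped from the first post as constructed input and the function names are hypothetical; only the literal "DNS" protocol is stripped (not "DNS Server"), and flagging "All outbound traffic" rules is an assumption added here, since such a rule also passes DNS for whatever From/To it covers.

```python
# Constructed input: the rule list from the first post as (order, name, action, protocols).
RULES = [
    (1, "McAfee", "Allow", ["All outbound traffic"]),
    (2, "Block pages", "Deny", ["HTTP", "HTTPS", "HTTPS Server"]),
    (3, "Internet Full Access", "Allow", ["DNS", "DNS Server", "HTTP", "HTTPS",
                                          "HTTPS Server", "OWA CB", "Port 995", "Port 81"]),
    (4, "our domain name (Internal)", "Allow", ["DNS", "DNS Server", "HTTP", "HTTPS",
                                                "HTTPS Server", "Port 995", "Port 81"]),
    (5, "WEB", "Allow", ["HTTP"]),
    (6, "DNS Server", "Allow", ["DNS", "HTTP", "HTTPS"]),
    (7, "OWA", "Allow", ["HTTP"]),
    (8, "Internal Services", "Allow", ["All outbound traffic"]),
    (9, "W32.conficker", "Deny", ["W32.conficker"]),
    (10, "Outbound DNS", "Allow", ["DNS"]),
    (11, "Port 81", "Allow", ["OWA CB", "Port 81"]),
]
DNS, ALL = "DNS", "All outbound traffic"

def audit_dns(rules, dedicated="Outbound DNS", drop=("DNS Server",)):
    """Return (order, finding) pairs for rules that conflict with the reply's DNS advice."""
    findings = []
    for order, name, action, protos in rules:
        if name == dedicated:
            if order != 1:
                findings.append((order, "move to top of the list"))
        elif name in drop:
            findings.append((order, "remove rule"))
        elif action == "Allow" and DNS in protos:
            findings.append((order, "remove DNS protocol"))
        elif action == "Allow" and ALL in protos:
            # Assumption beyond the reply: an all-protocol allow rule also covers DNS.
            findings.append((order, "all-protocol rule still passes DNS; check its From/To"))
    return findings

def apply_advice(rules, dedicated="Outbound DNS", drop=("DNS Server",)):
    """Return the renumbered list: dedicated DNS rule first, DNS stripped from the rest."""
    top = [r for r in rules if r[1] == dedicated]
    rest = [(o, n, a, [p for p in ps if p != DNS])
            for o, n, a, ps in rules if n != dedicated and n not in drop]
    return [(i, n, a, ps) for i, (_, n, a, ps) in enumerate(top + rest, 1)]

if __name__ == "__main__":
    for order, finding in audit_dns(RULES):
        print(f"rule {order}: {finding}")
    for order, name, action, protos in apply_advice(RULES):
        print(f"{order}. {name:28} {action:6} {', '.join(protos)}")
```

Restricting the "From" of the dedicated rule to the Domain Controllers, as the reply says, is done in the rule's properties and is not modelled here because the post does not list From/To.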
