• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

URL Whitelist

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Access Policies >> URL Whitelist Page: [1]
Login
Message << Older Topic   Newer Topic >>
URL Whitelist - 17.Sep.2010 9:20:34 AM   
Sparkofgenius

 

Posts: 2
Joined: 17.Sep.2010
Status: offline
Hello,

We are currently trying to implement a whitelist for our students within ISA server 2004, currently we have a rule which allows access to certain sites via a domain sets object, this works to certain degree with some sites and with others not as well, the main problem being that for example bbc.co.uk amongst others pulls it's images and videos from several different sources example (news.bbcimg.co.uk, newsimg.bbc.co.uk, www.bbc.co.uk, static.bbc.co.uk, bbc.co.uk, news.bbc.co.uk, node1.bbcimg.co.uk, su.sageanalyst.net, stats.bbc.co.uk)
So in the domain sets I have *.bbc.co.uk, which covers the majority of the site, but anything from bbcimg.co.uk or sageanalyst.net, is blocked making the site look incomplete and removes a lot of functionality of the site, I could add these extra domains to sort the issue for the BBC site, but tomorrow it could be getting images etc from different sources and I have this issues with a lot of sites. A blacklist is not an option for us in the sense that it would be a huge., so my question is, is there a way of only allowing certain sites by URL but allowing the images etc that make up the site to be allowed as well.

Thanks

Tags:
ISA Server 2004
Post #: 1
RE: URL Whitelist - 20.Sep.2010 9:33:15 AM   
Sparkofgenius

 

Posts: 2
Joined: 17.Sep.2010
Status: offline
Hi Guys

Been working on this over the weekend, and I think I may have found a solution. I have my whitelist rule which allows http traffic for students to a list of domains in my domain name set. As mentioned above certain sites do not display correctly if some images and videos are pulled from a different source. Below this rule I have created a rule for http traffic to external for students and have placed a content type filter so it will only allow images, .js files, .css files and videos. So in effect the first rule lets a student browse to a site in the domain set and download images and videos etc which fall within the domain name set, and the second rule downloads any other images that the site needs to be functional. Iím aware that there is potential that a direct link to a image or video will now be accessible for students, but due to the nature of the way the students use the workstations, I feel it wonít be an issue.

Does anyone see a something Iím missing here and would not recommend this?

(in reply to Sparkofgenius)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Access Policies >> URL Whitelist Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts