+ Post New Thread
Results 1 to 3 of 3
How do you do....it? Thread, ISA in Technical; Saw this thread : http://www.edugeek.net/forums/securi...ass-sites.html Made me think - is it possible to create another 2 groups ( one whitelist ...
  1. #1

    mac_shinobi's Avatar
    Join Date
    Aug 2005
    Posts
    9,975
    Thank Post
    3,523
    Thanked 1,107 Times in 1,014 Posts
    Rep Power
    374

    ISA

    Saw this thread : http://www.edugeek.net/forums/securi...ass-sites.html

    Made me think - is it possible to create another 2 groups ( one whitelist and one black list on top of the original white list and black list that you already have ) and then link the 2 newly created groups to a specific OU ie web restricted so that you can still give those students access to your VLE, the bbc and only specific learning websites and then ban any other websites in the black list by using a wild card of some sort ?

    Then also on the OU apply a hash of IE any other web browser exe's to stop them from launching any of the web browsers ( not sure if that will stop them using my computer to browse the web or using word - creating a link in word and then ctrl clicking the link ).

    Also how do you disable the address bar in my computer ( aka explorer.exe ) ?

  2. #2

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,268
    Thank Post
    884
    Thanked 2,747 Times in 2,321 Posts
    Blog Entries
    11
    Rep Power
    785
    You can only define access rules via groups through ISA so you would need to move the restricted users into a specific group as well as an OU. You should be able to have multilayered white lists but why not simply have a core list that is right at the top and always accessible, ie VLE then have the white list applied to all users apart and denied to your blocked group after that.

  3. #3


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,487
    Thank Post
    867
    Thanked 855 Times in 675 Posts
    Rep Power
    197
    Don't think about disabling "other browsers" - it's a losing game. Some toerag will come in with a mod'd firefox on USB or whatever.

    Block port 80 outbound pon your firewall. Open it for your proxy and anything else that absolutely categorically won't play ball with your proxy (few things really come into this category - if you have one, LMK, I can solve most of them for most proxies...). Then it doesn't matter a curse if someone uses word, or firefox, they will get nowhere.

    Next stage is to either block, or heavily filter unauthenticated proxy users, so if they don't auth, they don't win.



SHARE:
+ Post New Thread

Similar Threads

  1. ISA Server
    By ICT_GUY in forum Wireless Networks
    Replies: 3
    Last Post: 19th June 2008, 10:00 AM
  2. ISA 2006
    By UBBERgoose in forum Windows
    Replies: 3
    Last Post: 23rd August 2007, 10:26 AM
  3. ISA Server
    By mrbios in forum Windows
    Replies: 26
    Last Post: 10th July 2007, 01:43 PM
  4. ISA Queries...
    By Gatt in forum Windows
    Replies: 14
    Last Post: 11th May 2006, 07:42 PM
  5. ISA and...?
    By indiegirl in forum Windows
    Replies: 19
    Last Post: 9th March 2006, 04:56 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •