How to Block Websites in ISA
Microsoft's Internet Security & Acceleration Server (ISA) was introduced in 2000 as a software-based firewall. It's capable of far more than just blocking websites and malware. Some of the ISA server's most useful abilities are serving as a firewall, a web proxy security gateway and a Virtual Private Network (VPN) server.
Other People Are Reading
Instructions
-
ISA 2000
-
1
Computer Lockdown Open Microsoft ISA Server and click on "ISA Management."
-
2
Expand the tree on the left by clicking on "Servers and Arrays" and then clicking on the name of the server you are configuring.
-
-
3
Click on "Policy Elements" in the tree under your server name.
-
4
Right-click on "Destination Sets," hover over "New" and then select "Set."
-
5
Type in a name for the destination set and click "Add."
-
6
Create a list of blocked sites by clicking "Add Destination" and typing in either the IP address or name of each website. Use an "*" to denote a wild-card (i.e., *.site.com).
-
7
Click "OK" when you have finished entering the needed websites and then navigate to and expand the "Access Policy" node in the tree.
-
8
Right-click on "Site and Content Rules," hover over "New" and then select "Rule."
-
9
Enter a name for the rule and click "Next."
-
10
Select "Deny" and click "Next."
-
11
Select "Deny Access Based on Destination" and click "Next."
-
12
Select "Specified Destination Set" under "Apply This Rule To" and pick the destination set that you just created.
-
13
Click "Next" and then click "Finish."
ISA 2004 and ISA 2006
-
14
Block Website Access Open the "ISA Server Management Console."
-
15
Expand the tree on the left by clicking on the name of the server you are configuring.
-
16
Right-click on "Firewall Policy," hover over "New" and select "Access Rule."
-
17
Enter a name for the rule and click "Next."
-
18
Select "Deny" and click "Next."
-
19
Select "Selected Protocols" under "This Rule Applies To" and click "Add."
-
20
Select "HTTP" from the list and click "Add."
-
21
Click "Next" and then click "Add" on the access rule sources page.
-
22
Select "Internal" under "Networks" and click "Add."
-
23
Click "Next" and then click "Add" on the access rule destinations page.
-
24
Click "New" and select "URL Set." Type in a name for the URL Set.
-
25
Create a list of blocked sites by clicking "New" and typing in either the IP address or name of each website. Use an "*" to denote a wild-card (i.e., *.site.com).
-
26
Click "OK" and then click "Add."
-
27
Select the URL Set you just created from under the "URL Sets" list and click "Add."
-
28
Click "Next" and then click "Next" again to apply this rule to all users.
-
29
Click "Finish" to end the wizard and then click "Apply" on the "Firewall Policy" screen to save your changes.
-
30
Click "OK" and then move your newly created rule to the appropriate spot in the list (usually the top).
-
1
Tips & Warnings
You can turn off a rule by right-clicking on it and selecting "Disable."
You may have to restart your firewall services for changes to take effect.
You must first configure a site and content rule on the ISA server to allow all traffic through before blocking a specific set of addresses. Without this rule, users will not have access to any sites on the Internet.
Make sure that you move your "Deny" rule ahead of your "Allow All" rule in the list or it will not get applied.
References
- Photo Credit cluster disaster concept image by .shock from Fotolia.com computer monitor with padlock image by patrimonio designs from Fotolia.com kid laptops image by Andrey Kiselev from Fotolia.com
