Internet Use Via ISA 2004
A number of people have asked me how to restrict a group of uses to a limited selection of websites. The most recent request coming from Elias on the MCP Magazine SBS Forum also know as the Redmond Magazine SBS Forum. I am sure there is more than one to to accomplish this, but here is my stab at it.
First lets create a security
group, so of course we start in the Management Console.
Lets call our new security
group losers just for fun, and it is always a good idea to put
This is where we decide who is going to be effected by our
limitations, I will only add
Ok just hit the Finish button on the summary screen.
Now fire up the ISA Server Management Console from Start, Microsoft ISA Server, ISA Server Management
And let's create our new Access Rule.
First lets give our new rule a catchy name
Our rule is going to allow access to the internet although very limited so click Allow
Next we need to specify which Protocols we will allow so hit add
In the Add Protocol wizard only pick HTTP for this
example, you can put HTTPS if you are going to
If you wanted to add more Protocols you would hit Add again, but we will hit Next
Now tell the wizard where the traffic will come from, in our case that would be the Internal Network
If you were going to add another source this would be the place, but we will hit Next
Now here is where we get to be control freaks, this is
where we set where they can go.
A catchy name that explains the reason for the Rule Set is
always a good idea!
Now just hit Add and select our newly created URL Set
If you had multiple URL Sets you could add more here, we will hit Next.
This is where we tell ISA who to restrict, so we will remove the All Users Group
Now we will need to Create a New User Set, so hit Add then New and then User Set
Another catchy descriptive name will work nicely here
Hit Add and select Windows users and groups.
Remember the Security Group we created earlier, this is
were we use it,
Of course you could add more groups here, but just hit next for our demo.
Now the obligatory summary screen, hit finish to close the User Set Wizard.
Now select our newly created User Set
By now you know you can add more right, hit Next.
Hey we are almost done, this is the last Summary Screen to hit finish on.
But wait a minute, your not done yet, as in all things ISA 2004 when you are finished you HAVE TO HIT APPLY
Watch the little progress bar knowing that your hard work (ok so it wasn't that hard) is about to pay off
The Wizard wants to help build you ego, just stop smirking and hit OK
Now here is where you can get in trouble. ISA applies the
rules in the order you see below,
Unfortunately there is not a move to top button so you
have to keep clicking,
And don't forget, we just made more changes so we need to click Apply once again.
Hit OK one more time, and now you can rest your clicker finger.
And that is all there is to it.
*All trademarks and copyrights are property of their respective owners.