We like most of the organisations have a policy blocking social networking sites like Facebook, Orkut, etc.
The thing we did was the ususal thing, ie , to create a rule blocking a URL set containing the urls for the sites.
Then we happened to notice that a few people were getting access to Facebook with the help of the URL https://facebook.com
Even though we blocked HTTP access to Facebook, the site could be accessed through HTTPS.
We researched quite a bit and found out that blocking HTTPS is quite impossible in ISA Server 2006.So what we did was ....
1. Created a Domain Set containing thet domains to be blocked (eg: facebook.com and *.facebook.com)
2. Access to the following protocols were blocked - HTTP , HTTPS and HTTPS Server, for the above said Domain Set to Internal Users.
The Key to the solution was Blocking HTTPS Server. That is, even though we couldn't do anything to block HTTPS access to the Facebook site (Outbound) , blocking HTTPS Server would result in blocking the Incoming Packets (Inbound).
Hope this helps...
The thing we did was the ususal thing, ie , to create a rule blocking a URL set containing the urls for the sites.
Then we happened to notice that a few people were getting access to Facebook with the help of the URL https://facebook.com
Even though we blocked HTTP access to Facebook, the site could be accessed through HTTPS.
We researched quite a bit and found out that blocking HTTPS is quite impossible in ISA Server 2006.So what we did was ....
1. Created a Domain Set containing thet domains to be blocked (eg: facebook.com and *.facebook.com)
2. Access to the following protocols were blocked - HTTP , HTTPS and HTTPS Server, for the above said Domain Set to Internal Users.
The Key to the solution was Blocking HTTPS Server. That is, even though we couldn't do anything to block HTTPS access to the Facebook site (Outbound) , blocking HTTPS Server would result in blocking the Incoming Packets (Inbound).
Hope this helps...
It works!
ReplyDelete