GFI Download Security for ISA Server as Spyware Blocker?

ISA

    Sponsored Links

    Next

  • 1. POP3 per utenze esterne.
    Buongiorno a tutti. Nella mia rete LAN ho un server Win_2003_Srv con ISA 2006 come firewall. A volte capita che ospiti esterni vengano presso la nostra sede e vogliano collegarsi ad internet, piuttosto che alla loro casella di posta elettronica. Una volta collegato il cavo di rete (interno alla LAN) e preso l'IP dal server DHCP, all'utente non resta che impostare l'IP corretto del proxy, affinch possa navigare correttamente sul web. Per quanto riguarda la posta, invece, le cose si complicano; la mia domanda, infatti, la seguente: quale policy va impostata su ISA affinch, indipendentemente dalla configurazione POP3 del client di posta, l'utente esterno possa scaricare correttamente i messaggi della sua mailbox? Esiste la possibilit di risolvere il problema senza installare il "Firewall Client" sulla macchina locale dell'utente esterno in questione? Vi ringrazio anticipatamente per la collaborazione e l'aiuto. Ciao. Alberto
  • 2. Isa continually requesting authentication for Intranet Sharepo
    If I helped you solve the problem I will be glad if you marked the problem solved ;) //Anders "Anders" wrote: > I think that your Sharepoint is guilty! :D > Have you configure AAM (Alternative Access Mapping) on the sharepoint portal > with the name you use to the pushing rule? > > I can also recommend that you use Kerberos authentication for Sharepoint > publishing. It is the best solution with ISA and Sharepoint. > > Best regards, > Anders >
  • 3. ISA Server 2006 Reverse Proxy Double Authentication
    Hi, I have an ISA Server 2006 configured as a reverse proxy for Exchange 2007 OWA. When we connect to the URL for the webmail service, We are presented with an authentication screen is marked on the bottom as an ISA authentication form. Once we successfully authenticate here, we are then presented with the real webmail authentication screen for OWA. Can anyone tell me why I am having to authenticate twice? Thanks so much for your time in advance? Tom.
  • 4. isa 2006 as web proxy only
    Can ISA be setup to perform webproxy only and have the firewall turned off? The scenario is I want all internal web browsers to use the ISA as a web proxy. I have a dedicated firewall already so ISA won't be needed for firewall services. I only want it to do the proxy stuff and I want to turn off the firewall stuff to minimize extra overhead on the server. Can this be done? If so, what can be done? Thanks
  • 5. ISA server stop responding regularly
    The ISA server shows an event error and stop responding regularly. Error message : "The size of the free non-paged pool fell below the system-defined minimum...." Each time we need to stop and restart the firewall service to release resources. Moreover, according to Microsoft support article ID 941296, the wspsvr.exe (firewall service) may used more than 2GB memory and caused the server stop responding. It also suggest to restart the firewall service. Does it mean there is memory leak of the firewall service? Could it be solved and how? Since during the firewall service restart, there is a service stopage. Is there any other solution? PS. Installed ISA 2006 SP1

GFI Download Security for ISA Server as Spyware Blocker?

Postby A P » Thu, 20 Jan 2005 10:01:45 GMT

Hi!

Who among you uses GFI's Download Security 6 for ISA for fighting spyware?
Can you share some of your experiences? Currently I have ISA Server 2000 SP2
on Windows 2003 Standard Edition. I have joined the forums under GFI but it
seems that there is no group for this software.

Me





Re: GFI Download Security for ISA Server as Spyware Blocker?

Postby OJ » Fri, 21 Jan 2005 01:34:00 GMT

it's not really a spyware tool.  look at surfcontrol or websense enterprise.
failing that, try etrust by CA.

OJ






SP2
it



Re: GFI Download Security for ISA Server as Spyware Blocker?

Postby VG9tIEpvbmVz » Sat, 22 Jan 2005 02:39:02 GMT

We use Surfcontrol for Internet Traffic Filtering and E-mail Filtering and 
have had great luck with it. Tech Support is very helpful also they will help 
you with all of your configurations if you just call them and tell them what 
you want to accomplish.








Re: GFI Download Security for ISA Server as Spyware Blocker?

Postby A P » Sat, 22 Jan 2005 09:40:13 GMT

Does surfcontrol really filters spyware?




help
what

enterprise.



spyware?
2000
but



Re: GFI Download Security for ISA Server as Spyware Blocker?

Postby OJ » Sun, 23 Jan 2005 00:16:06 GMT

Surf control stops access to spyware sites by blacklisting them - websense
does a bit more - look at the websites!

OJ








and







Re: GFI Download Security for ISA Server as Spyware Blocker?

Postby A P » Tue, 25 Jan 2005 10:12:02 GMT

Blacklisting? so, is there a site where I can get a list of URLS of
different source of spyware?










will
them




Server
GFI



Re: GFI Download Security for ISA Server as Spyware Blocker?

Postby Um9zcw » Wed, 02 Feb 2005 18:13:02 GMT

Two points:

1.  Blacklisting spyware sites is like trying to stop a flood with a sponge. 
 It's a lot of work and really isn't going to get very far.  You are far 
better denying access to all sites by default and creating a whitelist of 
sites that you trust.  We do this and also prevent ActiveX, Active Scripting 
and Java from running on untrusted sites.  We haven't had a single case of 
spyware in over a year.

I know this isn't possible in all situations so, if this doesn't suit you, 
my advice would be to consider client side anti-spyware software to detect 
when it does get installed.  Futuresoft have i:scan which looks like being a 
very good product.

2.  Don't touch GFI DownloadSecurity with a 10 foot barge pole.  It really 
is dire.  Their quarantine system is great in that the administrator can 
release files to users when needed, but they have no way to automatically 
empty the quarantine folder.  The administrator has to manually delete 
quarantined items, one file at a time.  There is also no way to distinguish 
between administrators and users.  If you block your users, you also block 
yourself.  We upgraded to ISA 2004 solely to get rid of this program.

Ross

Re: GFI Download Security for ISA Server as Spyware Blocker?

Postby Ray » Thu, 03 Feb 2005 00:29:51 GMT

What do you use in place of it? We're using Trend's WebProtect HTTP virus
scanner for ISA, but they will not have an ISA 2004 product until maybe the
third quarter of 2005, so I need a replacement.

Thanks,

Ray





sponge.
Scripting
a
distinguish



Re: GFI Download Security for ISA Server as Spyware Blocker?

Postby Um9zcw » Thu, 03 Feb 2005 01:15:03 GMT

Nothing at all actually.  We use ISA's content filtering to restrict 
downloads to set file types, and use Sophos Anti-Virus on the desktops and on 
our e-mail server, but we don't run any kind of anti virus on the ISA server 
itself.

Instead our security policy prevents staff accessing any site that is not on 
our allowed list during work hours, and even then most sites are not able to 
run any kind of scripting.  Only sites that we manually add to the companies 
trusted sites list are able to run ActiveX controls or scripts.

It's a fairly harsh policy but we've not had a single virus or malware 
problem since we instigated it.

Ross

Re: GFI Download Security for ISA Server as Spyware Blocker?

Postby A P » Thu, 03 Feb 2005 17:35:47 GMT

How did you restrict downloads from ISA's content filtering? Can you share
your configuration?






on
server
on
to
companies



Re: GFI Download Security for ISA Server as Spyware Blocker?

Postby Um9zcw » Thu, 03 Feb 2005 18:13:02 GMT

No problem, but I should point out that there is apparently a bug in ISA 
2004's content filtering that affects ASP pages.  I'm waiting to hear from 
Microsoft at the moment regarding this.  If you implement filtering in this 
way, bear in mind that there are occasional glitches with ASP pages:
 http://www.**--****.com/ ;f=25;t=000168

The other downside to this configuration is that ISA is *very* strict about 
filtering.  The filtering does not just affect file downloads, it affects 
every request made through ISA.  So if you don't allow .asp file extensions, 
your users will not even be able to browse to .asp pages.  We're pretty happy 
that we've identified all the common extensions we use, but there may be a 
few more you need to add for some sites.

Also, bear in mind that MIME types take precidence over file extensions, so 
always check whether your ISA server has a MIME type registered for the 
particular type of file you want to allow.

Cautions aside, in essence, we have two rules granting staff access to the 
internet:

One is an allow rule for HTTPS traffic, and grants access to a domain name 
set of trusted sites.  ISA cannot filter content over HTTPS so we simply 
prevent it's use to untrusted sites.

The second rule allows FTP and HTTP access, again to a list of trusted sites 
(in our case managed by Futuresoft's i:Filter, but ISA's domain sets would 
work fine).  This rule only allows set types of content.  We use the two 
default groups of HTML Document and Images, but then have two groups of our 
own in addition:

Allowed Web Content
application/x-javascript
text/css
.aspx
.cgi
.css
.js
.jsp
.pl
.shtml
.srf

Allowed Files
application/msword
application/pdf
application/vnd.ms-excel
image/gif
image/tiff
text/plain
.doc
.dwf
.dxf
.enc
.gif
.msl
.mso
.pdf
.plt
.sdf
.tif
.tiff
.txt
.xls

Some of those extensions are specific to u.  DWF files are AutoCAD drawings 
for example, but it should give you a good idea of our approach.

Ross

Similar Threads:

1.GFI Download Security vs. Trend WebProtect

We've been using Trend Webprotect and are pleased with its performance. Our
renewal is coming due and the quote for it is pretty much equal to what we
could replace it with by switching to GFI Download Security.

I'd appreciate any input on how the GFI product has worked for people since
it seems to be quite a bit more feature-rich.

My one concern is we are still on an NT domain and will not be on AD for
about a year. We have nine NT domains with two way trusts between the ISA
domain and all the rest. It looks like all we lose is the ability to
configure download rules for specific groups or specific users, which we're
handling with the native ISA features anyway. We do enforce outbound
authentication against the NT domain system and we do not have local
accounts.

Is this accurate? Will we be able to block downloads by file extension even
though it will apply to all users?

Thanks,

Ray


2.disabled/looking for FREE spyware/addware blockers

   I am on permanate disability and need a FREE blocker/registry fixer.

3.Can't download "ISA Server 2000 Security Patch for Firewall Service"

I have found several bad links on the Microsoft pages which refer to ISA
Server 2000 Security Patch for Firewall Service.  I would like more info
about this patch and, if needed, I would like to download it.  Any help
would be appreciated.

Jaime  ;-}


4.ISA Server allowing 'hidden' accesses counted by GFI Webmonitor

Here is an interesting one.

We run GFI Webmonitor 3 on our ISA Server 2004 Standard. I have 150 GFI 
licenses, with 146 users (I counted) that are allowed Internet Access.

 I receive a notice our GFI licenses are exceeded. I look at the logged 
users that GFI 'sees' as users; the way GFI records a user is if it hits the 
external interface. We have a 'Web Access' group set up in AD and only allow 
users of that group to pass through the ISA server.

The log of users includes users that are not in the Web Access group. I 
check their machines -- no internet access; they cannot browse. I look 
further at the GFI logs for these people and am seeing things like references 
to MS Office Configuration and MS WMPlayer, Verisign, and other sites/URLs 
shown for these people. Why is ISA allowing people that don't have web access 
to hit the external interface on the box with 'hidden' accesses. These are 
causing me to be non-compliant with GFI!!
-- 
Russ Knapp
IT Manager
Four Winds International Corp.

5.Firewall disabled after downloading Microsoft's anti-spyware

I downloaded the anti-spyware and my firewall became disabled.  I spent 2 
hours with Microsoft's help desk and they couldn't help me get the firewall 
enabled.  I uninstalled the spyware hoping the firewall would enable BUT, it 
won't.  I can't enable it through the control panel.  Any suggestions?
-- 
sue

6. Recent security update has disabled download of email from server

7. MS Windows Anti-Spyware Disabled by Spyware Trojan

8. Does SP2's Popup Blocker disable Google's Popup Blocker?



Return to ISA

 

Who is online

Users browsing this forum: No registered users and 97 guest