Getting started with Microsoft ISA Server 2006, Part III: Create Firewall Policy Rule
Firewall Policy
From part II, you have configured Network Topology. Now you need to create a policy rule to allow traffic pass through the ISA Server.
By default, ISA Server is configured with default rule which blocks all traffics pass through ISA Server. But you can customize rules to match your policy in organization. On each rule, you can customize to allow or deny access, protocols, source and destination addresses, users (ISA Server can integrated with Active Directory), time to use the rule, content types.
Step-by-step
Next, I will create a new web access rule for all users in internal network to access internet(external network) with only HTTP (port 80) and HTTPS (port 443) protocols.
- Open ISA Server Management. Expand server name(in this example, BKKFRW001) -> Right click on Firewall Policy -> New -> Access Rule.
- New Access Rule Wizard appears, enter the name of access rule. Click Next.
- On Rule Action, select Allow. Click Next.
- On Protocols, click Add. Add Protocols window appears, expand Common protocols and select HTTP and HTTPS.
- On Access Rule Sources, click Add. Add Network Entities window appears, expand Networks and select Internal.
- On Access Rule Destinations, add External network.
- On User Sets, leave All Users. Click Next.
- Click Finish to complete create new rule.
- Again, don’t forget to apply your setting on ISA Server to take effect. Click Apply.
- Next part will be about client configuration to access to ISA Server.
No comments:
Post a Comment