Preventing HTTP: Zip & Exe downloads

[mjcrouch]

How can I set up a rule to prevent users from downloading
zip & exe files from http sites? I am sure I saw an example of this when I first installed the ISA software, but now I cannot find any help on it anywhere. Help!!!

 

[MCP2000]

Frist create a content group that defines that extensions that you want to restrict. Then, create a "site and content rule" that denies access to all sites, or certain sites (depending on how you want to configure it). Apply this rule to what ever users or groups that you want. Now, THIS IS THE IMPORTANT PART. Go to the "HTTP Content" tab and select the "Selected content groups" radio button. In there, you should see the content group that you just created. Uncheck everything but that group. That will prevent the download of whatever file types that you defined. Keep in mind, however, that "deny" rules are applied first on the ISA server. With that said, make sure that anyone that does have to download these file types are listed in the "Exceptions" area of the "Applies To" tab. That will allow them to by-pass that rule. Hope this helped. Later

 

[MoltenUniverse]

Beware with prblems with HTTPS sites...