Re: http://www.isaserver.bm/destination_sets.html



Stolen from http://blogs.technet.com/isablog/

Lists of various categories of Web sites to which you may want to block
access to some or all users in your organization are available on the Web
and from other sources. The files containing such lists may have one of four
typical formats:

a.. A text file containing a list of domain names.
b.. A text file containing a list of URLs.
c.. An .xml file created by exporting a domain name set.
d.. An .xml file created by exporting a URL set.
Before describing how to install these files, let's quickly review the
differences between domain name sets and URL sets. A domain name set is a
rule element that can be defined in an array or on the enterprise level (in
Enterprise Edition). Each domain name set holds a set of domain names that
can be applied to cache rules, routing rules, access rules, and system
policy rules. The domain names included in a domain name set may be
specified in either of the following formats:

a.. Fully qualified domain name (FQDN) (for example,
www.northwindtraders.com)
b.. Domain Name System (DNS) suffix (for example, *.net)
Domain names specified in other formats may be included, but these are
ignored.



A URL set is also a rule element that can be defined in an array or on the
enterprise level (in Enterprise Edition). Each URL set contains a set of
URLs that can be applied to rules that control HTTP traffic, including cache
rules, routing rules, access rules, and system policy rules.



Each URL in a URL set may include a host name and a path. Wildcard
characters are allowed. However, URLs containing a question mark (?) that
are included in a URL set are ignored. A protocol (HTTP, HTTPS, or FTP) and
a port number may be included, but these are ignored.

a.. Host names may be specified in any of the following formats:
b.. FQDN (for example, www.northwindtraders.com)
c.. DNS suffix (for example, *.net)
d.. IP address
e.. Wildcard character (*)
Paths may be specified in any of the following formats:

a.. Full path (for example, default.htm)
b.. Prefix (for example, /pictures/travel/* or /*)
A list of domain names in a text file can be added to a domain name set
using a script, and a list of URLs in a text file can be added to a URL set
using a script. For scripts that perform these tasks and additional relevant
information, see Adding Lists to Domain Name Sets and URL Sets at the
Microsoft TechNet Web site. The scripts in this article are suitable for
both ISA Server 2006 and ISA Server 2004.



The domain name set defined in an .xml file created by exporting a domain
name set can be installed by importing the .xml file. This is accomplished
by performing the following steps.



1.. Open ISA Server Management.
2.. In the console tree, click Firewall Policy. This step can be performed
as follows:
a.. For ISA Server Enterprise Edition, expand Microsoft Internet
Security and Acceleration Server 2006 (or 2004), expand Arrays, expand
Array_Name, and then click Firewall Policy.
b.. For ISA Server Standard Edition, expand Microsoft Internet Security
and Acceleration Server 2006 (or 2004), expand Server_Name, and then click
Firewall Policy.
3.. On the Toolbox tab, click Network Objects.
4.. Right-click Domain Name Sets.
5.. Click Import All.
6.. In ISA Server 2006, follow the instructions in the Import Wizard. In
ISA Server 2004, select the .xml file and click Import.
Note that the name of the new domain name set is defined in the .xml file.





The URL set defined in an .xml file created by exporting a URL set can be
installed by importing the .xml file. This is accomplished by performing the
following steps.



1.. Open ISA Server Management.
2.. In the console tree, click Firewall Policy. This step can be performed
as follows:
a.. For ISA Server Enterprise Edition, expand Microsoft Internet
Security and Acceleration Server 2006 (or 2004), expand Arrays, expand
Array_Name, and then click Firewall Policy.
b.. For ISA Server Standard Edition, expand Microsoft Internet Security
and Acceleration Server 2006 (or 2004), expand Server_Name, and then click
Firewall Policy.
3.. On the Toolbox tab, click Network Objects.
4.. Right-click URL Sets.
5.. Click Import All.
6.. In ISA Server 2006, follow the instructions in the Import Wizard. In
ISA Server 2004, select the .xml file and click Import.
Note that the name of the new URL set is defined in the .xml file.


--
Brennan Crowe
Security Escalation Engineer - ISA Server
Microsoft Corporation

http://www.microsoft.com/isaserver
This posting is provided "AS IS" with no warranties, and confers no rights.
"Greg O" <gregorme@xxxxxxxxx> wrote in message
news:1167841390.382037.164810@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
http://www.isaserver.bm/destination_sets.html

I am unable to import this destination sets into 2k6 isa. Has anyone
used sets like this?



.