Policy for my websense filter
- From: Mr_Huang <mr.huang.hk@xxxxxxxxx>
- Date: Fri, 2 May 2008 00:56:29 -0700 (PDT)
Dear guru,
Wondering how can I set up my ISA Policy for my websense filter,
Environment:
* ISA 2004 Enterprise + Websense filter agent installed
* Windows 2003 domain + Windows XP Prof
* Both IE and Firefox users
* Some machines joined the domain where some are not (logon locally)
* Enabled proxy setting relay to my ISA for both IE and Firefox
* Enabled Integrated Authentication in my ISA and IE 6.0/7.0
* "Require all users to authenticate" is not checked
* Set up specific Websense policy for domain users and groups
Add two rules:
1 Allow ftp, http, https From:Internal_client To:Anywhere
Condition:All Users
2 Allow ftp, http, https From:Internal_client To:Anywhere
Condition:All Authenticated user
Result,
It seems most of the Web traffic are became "anonymous" instead of
authenticated, so it does not really hit rule #2. Then, all the user
will assign the default Websense policy instead of the individual
policy assigned by them.
Test One:
If I move the second rule "Authenticated user" to the top, it will
prompt the local login user for authentication.
Test Two:
If the "Require all users to authenticate" turned on, it will prompt
the local login user for authentication.
Requirements:
* Use different policy for different AD groups/users
* Assign "default" policy for local users
* Not to prompt the user for any authentication
Questions:
1. How does the rule order work?
2. What should I do further?
thanks
huang
.
- Next by Date: Internet Access from Non-Windows client through ISA Server 2004
- Next by thread: Internet Access from Non-Windows client through ISA Server 2004
- Index(es):
Relevant Pages
|
|
