Can AD push information down to the IE Content Advisor? It would be nice to implement this from AD on an as needed basis...
Ernest E. Busby II Information Security Analyst TWC -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Monday, April 09, 2007 12:57 PM To: Jim Harrison; Rocky; [email protected] Subject: RE: blocking thru IE If there are a multitude of sites and clients, then yes, something like ISA might be the way to go. If you are talking about one site on a given client, or even account/profile, keep it simple and cheap and use the content advisor. I've seen the content advisor used at a previous job where if a user hadn't activated their account already, they would log in with the "newuser" account and they were restricted to only be able to run IE and the content advisor only allowed them to go to the account activate site. In this situation, something like ISA is overkill. Heck, in this case the cost and overhead of ISA probably would have killed the project. Brady McClenon Administrative Computer Services State University College at Oneonta Oneonta, NY 13820 > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Jim Harrison > Sent: Monday, April 09, 2007 12:26 PM > To: Rocky; [email protected] > Subject: RE: blocking thru IE > > Rather than trying to control it at the client (where the user can > potentially disable your tweaks), exercise this control at the edge. > Whether you use ISA, Checkpoint, Pix, BlueCoat, Juniper or WinGate, the > process is basically the same. > 1. Determine where that web site lives. This can be difficult if its > hosted by one of the "big kids", like Akamai, since they use a > globally-dispersed, short-lived RR-name scheme (20 sec TTL). > 2. Block those requests by name and IP at the edge. > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > On Behalf Of Rocky > Sent: Friday, April 06, 2007 10:49 AM > To: [email protected] > Subject: blocking thru IE > > Hey guys, is there a way to block everything on IE6 or Firefox 2.0 and > just permit one website? i'm playing with IE content but i just can't > get it done. > > thanks a lot. > rocky > > All mail to and from this domain is GFI-scanned.
