Sunday, August 30, 2009

How to block Gtalk using Microsoft ISA 2004

Follow the steps to block Gtalk using Microsoft ISA 2004.
Step1: Right Click on 'Firewall Policy'-->New-->Access Rule.
Step2:Access Rule Name
Give the name to particular access rule. I have given 'Block Gtalk'. then click on 'Next Tab'.
Step3: Rule Action.
Select the option 'Deny'.(it is default option). then click on 'Next Tab'.

Step4: Protocols
Select the option 'All outbound traffic'. (this is also a default option). then click on 'Next Tab'.

Step5: Access Rule Sources
In the 'Access Rule Sources' pane, we have to add the traffice source. which is actually the 'internal network'. For that
Click on the 'Add Tab' on the 'Access Rule Sources' pane. Then 'Add Network Entities' windows will come. Click on the '+' sign near to 'Networks'. Then select 'internal'. Then Click on 'Add Tab' and 'Close'.

Step6: Access Rule Destination.
Here we have to create three custom 'Network Entities'.
1.Computer Set
2.URL Set
3.Domain Name Set
Click on 'Add Tab' on the 'Access Rule Destination' pane. Then the 'Add Network Entity' window will come. Click on 'New' option, the drop down will appear. Click on Computer Set.
'Computer Set' window will come. Give the name 'Gtalk Servers'. Click on 'OK Tab'. Like wise click on option 'URL Set' in the drop down window. Give the name 'Gtalk URLs'. Click on 'OK Tab'. Finally click on option 'Domanin Name Set' in the drop down window.Give the name 'IM Messengers'. Click on 'OK Tab'.
Computer Set - Gtalk Servers
Here we have to enter some values. For that Click on 'Add Tab' in the 'Gtalk Servers'. Then click on 'Computer' option.Then enter the name IP1 and give Ipaddress respective to this.
URL Set - Gtalk URLs
We have to add urls in the 'Gtalk URLs'. For that click on 'Add Tab' and enter all the urls which are given below.
Domain Name Set - IM Messengers
Here we have to add domain names. For that click on 'Add Tab' and enter the domain names given below.
After creating custom 'Network Entities'. We have to add three entities in 'Access Rule Destinations'. For that Click on 'Add Tab' in the pane. Then 'Add Network Entities' window will come. If you want to add Computer Set- Gtalk Servers, click on '+' sign near to 'Computer Sets' then select 'Gtalk Servers' and click on 'Add Tab'. Like wise add 'URL sets' and 'Domain Name Sets'. Click on 'Close Tab'.

Steps7: User Sets
Select 'All Users' option. Then click on 'Next Tab'.
Then click on 'Finish Tab'.
Now Gtalk should not be accessible in your company network. We have implemented the same in our company network. It successful. I hope this post will help all those who want to block Gtalk using Microsoft ISA 2004 server.