HOW TO BLOCK GOOGLE / GTALK USING ISA SERVER 2004 (WITHOUT BLOCKING GOOGLE AND GMAIL) - ARTICLE BY MANU ZACHARIA Thanks to http://www.theadmins.info
SOME USEFUL INFO
To block Google Talk, I am using the User-Agent field in the HTTP header. How I got it? Simple, I usedMicrosoft Network Monitor to capture packets that involved the authentication of GTalk. See the figure below:
-
§ Right click on the access rule that allows HTTP traffic from the internal network to the external network (Internet) and click on “Configure HTTP”. See the figure below:
-
§ Click on the Signatures tab. (refer the screenshot below)
-
§ Click on the Add button and enter the details as shown below:
-
§ Click on OK to return to the “Configure HTTP policy for rule” window. (refer screenshot below).
.
§ Click OK once again to close the window.
§ Now from the client’s machine, if you try to login to Google Talk using your Gmail ID, you will get the error window as shown below:
HOW TO BLOCK WEB BASED GTALK INSIDE GMAIL.
The easiest way to do is to block all traffic to chatenabled.mail.google.com
How we got it. Simple – again through packet capturing, but this time I used, Wireshark.
The steps are as follows:
Under ToolBox, click on New and then on URL set to create a new URL set. (refer screen shot)
Enter the details as shown below and click on OK button.
- Once we have created the URL set, click on the Tasks tab (Refer screen shot)
- Click on "Create New Access Rule". The New Access Rule Wizard window will appear.
- Enter the Access rule name and click on Next.
- Click on Deny radio button and click on Next
- Select All outbound traffic from the drop down list and click on next.
- The Access Rule Sources window will appear. Click on Add button to open the Add Network Entitieswindow
Click on Internal and click on Add button.
- The internal network will be added to the window. Click on Next.
- The Access Rule Destination window will appear. Click on Add button. The Add Network Entities window will appear.
- Here select the URL Set created in the previous section and click Add.
The URL set will be added to the window. Click Next.
- Make sure that All Users are selected and click on Next.
§ The Completing the New Access Rule Wizard window will appear. Click on Finish and click on Apply at the top of the window.
Now from the client’s system, when you login to Gmail account, the chat mini window on the left side of the window will be grayed out as shown below.
Hope this was helpful in solving your sys admin issue.
Happy Administering
Comments