Policy for Anonymous web browsing
Last response: in Windows 2000/NT
Archived from groups: microsoft.public.win2000.group_policy (More info?)
I have setup and ISA server and purchased some additional monitoring/access
control software for it. A lot of the rules on it are based on the users
name. Unfortunatlely, my log is filled with a lot of items that show user
anonymous connecting to a lot of thing instead of DOMAIN\Username.
Is there a GP that I can use to make it so IE will not try an anonymous
connection and if so, will this have any negative impact?
I have setup and ISA server and purchased some additional monitoring/access
control software for it. A lot of the rules on it are based on the users
name. Unfortunatlely, my log is filled with a lot of items that show user
anonymous connecting to a lot of thing instead of DOMAIN\Username.
Is there a GP that I can use to make it so IE will not try an anonymous
connection and if so, will this have any negative impact?
More about : policy anonymous web browsing
Archived from groups: microsoft.public.win2000.group_policy (More info?)
There are three types of connections to an ISA server - firewall client, proxy web,
and secure NAT. If users are using secure NAT, then they are just using the ISA
server as a gateway and rules other than those for users/groups will apply to them.
Proxy web is for users who have their web browser configured to use the ISA server as
their proxy server and they will have user/group rules applied and be logged as the
user for any connection through their web browser only. Firewall Client will have all
traffic to the ISA server subject to user/group rules and always be logged as the
user.
Either make sure everyone has the firewall client installed or you can use Group
Policy to enforce the proxy server connection settings for Internet Explorer for
either user or computer. Just make sure that the user is also restricted from
accessing the connection settings for Internet Explorer or they will try to bypass
the proxy server settings. --- Steve
In Group Policy for user configuration look under user configuration/Windows
Settings/Internet Explorer maintenance/connection for where to configure proxy
settings. There is a similar setting under computer configuration. Also look under
user configuration/administrative templates/Windows components/Internet Explorer for
ways to restrict user access to IE settings which in my opinion the less they have
the better. --- Steve
"Jordan" <nojunk_allowed@nospam.com> wrote in message
news:eyCiuKcZEHA.3420@TK2MSFTNGP12.phx.gbl...
> I have setup and ISA server and purchased some additional monitoring/access
> control software for it. A lot of the rules on it are based on the users
> name. Unfortunatlely, my log is filled with a lot of items that show user
> anonymous connecting to a lot of thing instead of DOMAIN\Username.
>
> Is there a GP that I can use to make it so IE will not try an anonymous
> connection and if so, will this have any negative impact?
>
>
There are three types of connections to an ISA server - firewall client, proxy web,
and secure NAT. If users are using secure NAT, then they are just using the ISA
server as a gateway and rules other than those for users/groups will apply to them.
Proxy web is for users who have their web browser configured to use the ISA server as
their proxy server and they will have user/group rules applied and be logged as the
user for any connection through their web browser only. Firewall Client will have all
traffic to the ISA server subject to user/group rules and always be logged as the
user.
Either make sure everyone has the firewall client installed or you can use Group
Policy to enforce the proxy server connection settings for Internet Explorer for
either user or computer. Just make sure that the user is also restricted from
accessing the connection settings for Internet Explorer or they will try to bypass
the proxy server settings. --- Steve
In Group Policy for user configuration look under user configuration/Windows
Settings/Internet Explorer maintenance/connection for where to configure proxy
settings. There is a similar setting under computer configuration. Also look under
user configuration/administrative templates/Windows components/Internet Explorer for
ways to restrict user access to IE settings which in my opinion the less they have
the better. --- Steve
"Jordan" <nojunk_allowed@nospam.com> wrote in message
news:eyCiuKcZEHA.3420@TK2MSFTNGP12.phx.gbl...
> I have setup and ISA server and purchased some additional monitoring/access
> control software for it. A lot of the rules on it are based on the users
> name. Unfortunatlely, my log is filled with a lot of items that show user
> anonymous connecting to a lot of thing instead of DOMAIN\Username.
>
> Is there a GP that I can use to make it so IE will not try an anonymous
> connection and if so, will this have any negative impact?
>
>
Related ressources:
- ForumCan company monitor your web browsing activities?
- ForumEvent ID 538 Logon Type 3 NT AUTHORITY/ ANONYMOUS LOGON
- ForumAnonymous Logon
- ForumBrowsing is fast but donloading in torrent is very slow
- ForumLimit browsing to 5 sites/block the rest of the web
- ForumCan you block inprivate browsing
- ForumYour thoughts on InPrivate Browsing .
- ForumProblems with WinXP SP2 and Group Policy Software Install
- ForumRestricting Users From Browsing Internet Sites
- Forumunsucessful msi package deployment using Group Policy (pls..
- ForumVPN For Security-noob
- ForumNewegg eats your soul
- ForumAcessing computers over the network
- ForumWin2000 User group Managment - controlled web access
- ForumRemote Desktop Web connection
- ForumBlocking Access to web -based email
- ForumParallel and com ports not appearing in device manager
- ForumDisabling the Default Domain Policy
- Forum2000 Server Policy on XP Client
- Forummap a drive or add a printer in the group policy?
- More resources
!
