From the
ISA Server console, individual rule elements can be locked down to be accessible from
only particular users, via the Users tab under Access Rules.
NOTE
Per-user firewall rule configuration is limited to Access rules, and is not available for
server-based publishing rules.
To illustrate this concept, the following steps will modify an existing rule that allows web
browsing access to the Internet only to members of the AD Group called Management:
1. From the ISA Server Management Console, choose Firewall Policy from the console
tree.
2. In the Details pane, double-click on the rule to be modified. (For information on
how to create firewall policy rules, refer to Chapter 5, ???Deploying ISA Server 2006 as
a Firewall.???)
3. Select the Users tab, click on All Users, and click Remove.
4. Click the Add button on the top field.
5. Under User Sets, click New.
6. At the Welcome dialog box, enter a name for the User Set??”such as Management??”
and click Next.
310 CHAPTER 11 Understanding Client Deployment Scenarios with ISA Server 2006
7. Under the Users dialog box, click Add, Windows Users and Groups.
NOTE
The same concept applies if the ISA server is not a domain member and uses RADIUS
groups for authentication.
Pages:
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523