Guidelines for Designing an Internet Usage Policy :
One of the first steps that an organization must take, as it prepares to grant access to Internet resources, is to define an Internet usage policy. An Internet usage policy defines what actions users are allowed to perform while they are connected to the Internet. The Internet usage policy becomes the basis for configuring the ISA Server settings to provide secure access to the Internet.
Internet usage policies should do the following:
1- Describe the need for an Internet usage policy. At first, users may resist the policy because they may interpret the policy as arbitrarily and without any business reason limiting what they can do. The policy should define exactly why the policy is being created. For many organizations, there are clear legal requirements for creating a policy that limits what users can do, especially for organizations that
work with confidential and private client information. Frequently, understanding the rationale for a policy greatly decreases the resistance to the policy.
2- Describe what the policy covers. The policy must include specific descriptions of what is acceptable and unacceptable Internet usage. This policy may define which applications can be used to access Internet resources, or what Internet resources can be accessed, as well as what applications and resources are denied by the policy.
3- Identify the people within the organization who are responsible for creating and enforcing the policy. If users have questions about the policy, or if policy restrictions prevent users from accessing resources that they need to do their jobs, users must have the means of resolving these issues. The easiest way to ensure this resolution is to provide users with the contacts they can use to get their
answers quickly.
4- Define how violations are handled. The policy must define exactly what will happen to users who violate the security policy. Many security policies include levels of disciplinary action depending on the severity or recurrence of policy violations.
Now that you have developed the Internet usage policy, you are ready to implement that policy. Many of the restrictions that you have defined in the policy can be implemented using ISA Server to block access to specified resources.
ISA Server provides the following functionality to enable secure access:
1- Implementing ISA Server as a firewall ISA Server provides a complete firewall solution that enables multilayer filtering. As a firewall, ISA Server secures access to the Internet by ensuring that no unauthorized traffic can enter the internal network.
2- Implementing ISA Server as a proxy server When Firewall clients and Web Proxy clients connect to the ISA Server to gain access to Internet resources, ISA Server acts as a proxy server. ISA Server accepts the client request for Internet content, and then creates a new request that it sends to the Internet server. ISA Server hides the details of the internal network from the Internet. Only the ISA Server’s external IP address is transmitted on the Internet.
3- Using ISA Server to implement the organization’s Internet usage policy ISA Server can be used to implement many Internet-use restrictions.
