I'm often asked if the ISA Firewall can help block cross site scripting attacks. Blocking this types of attacks can be challenging, because often when you configure a security device to help protect you against these attacks, you run the risk of blocking accept to legitimate sites. However, with that said, you can use the ISA Firewall to help block cross site scripting attacks and then monitor for the effects your changes have made for legitimate Web site access.
What you need to do is block keywords common used in cross site scripting attacks. You can do this with the HTTP Security Filter included with the ISA Firewall. Examples of the keywords include:
For more information on using the ISA Firewall to block Cross Site Scripting attacks, check out: