Using the ISA HTTP Filter To Modify Via Headers And Prevent Information Disclosure

One feature that perhaps doesn’t get enough attention is the HTTP Security Filter. The HTTP Securityimage Filter is included with both ISA and TMG firewalls and can be configured on a per Web Publishing Rule  basis. The HTTP Security Filter allows you to control many aspects of the HTTP communication between the source and destination for both inbound and outbound connections.

When configuring the HTTP Security Filter for inbound connections, you can take advantage of the settings on the Headers tab. One useful implementation is to configure the Server Header and the Via Header returned by the ISA or TMG firewall.

Want to know how to do it? Then check out Richard Hicks’ blog over at

http://tmgblog.richardhicks.com/2009/03/27/using-the-isa-http-filter-to-modify-via-headers-and-prevent-information-disclosure/

and get the details.

HTH,

Tom

Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer

image
Prowess Consulting www.prowessconsulting.com

PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: [email protected]
MVP — Forefront Edge Security (ISA/TMG/IAG)

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top