In this chapter, we covered many subjects related to outbound access controls. One of the first issues you need to address is how to control access to external resources. Allowing unfettered access to external resources can have severe negative consequences on available bandwidth and on the legal health of your organization.

You learned how to configure your server to support outbound access and how the Network Configuration Setting fit into the equation. Firewall and Web proxy routing allow you

to control how request from SecureNAT and firewall clients are handled by the ISA server and allow you to control what servers are responsible for what requests.

After configuring the server to support outbound access, you can begin the process of configuring an outbound access policy. Access policies are configured using rules, in particular site and content and protocol rules. IP packet filters are also sometimes used to control outbound access.

Before site and content and protocol rules can be created, you need to create the policy elements to support the rules. Policy elements are used to define things such as destination sets and protocols that can be used in rules. After the policy elements are complete, you can create rules based on them.

Site and content and protocol rules are used to control both outbound and inbound access. Inbound access rules are more commonly referred to as publishing rules. For an outbound access request to be allowed, there must be both a site and content rule and