Testing Filter Settings and Performance

We recommend that your HTTP filter settings be tested in a laboratory setting before being used in production for several reasons:

  • Use of these tags and commands in HTTP filtering can impact legitimate application publishing. For example, an application can include a command in a URL such as: http://www.fabrikam.com/xys.asp?GetFile=news.abc. This would be blocked by ISA Server if you added the string GetFile to a list of signatures to block.
  • Applications using XML and SOAP may include tags that may be blocked by using an extensive list of signatures in the HTTP filter. By broadening your list of blocked commands and tags, you are more likely to impact the filtering of XML and SOAP applications that commonly use those tags. In this case, you can use the information in the ISA Server log to determine the reason an application was blocked, and use that information to fine-tune the HTTP filter.
  • A complex HTTP filter configuration can impact ISA Server performance. For more information about performance, see the document Best Practices for Performance in ISA Server 2006 at the Microsoft TechNet Web site.