In the console tree of ISA Server Management, click
In the details pane, click the applicable access rule or Web
On the Tasks tab, click Edit Selected Rule.
On the Traffic tab (for Web publishing rules) or on the
Protocols tab (for access rules), click Filtering,
and then click Configure HTTP.
On the General tab, do the following:
In Maximum URL length (bytes), type the maximum URL
length allowed. Requests with URLs exceeding this value will be
In Maximum query length (bytes), type the maximum length
of a query allowed in a request. Requests with queries exceeding
this value will be blocked.
Select Verify normalization to specify that URLs
containing escaped characters after normalization will be
Select Block high bit characters to specify that URLs
with high-bit characters will be blocked.
ISA Server does not support the use of International Domain
Name (IDN) URLs.
When you select Block high bit characters, URLs that
contain DBCS or Latin 1 characters will be blocked. This can
impact scenarios such as Microsoft Outlook Web Access publishing,
Microsoft SharePoint Portal Server publishing, and any scenario in
which a GET request passes a parameter that includes a character
from a double-byte character set.
To open ISA Server Management, click Start, point to
All Programs, point to Microsoft ISA Server, and then
click ISA Server Management.
For ISA Server 2006 Enterprise Edition, expand
Microsoft Internet Security and Acceleration
Server 2006, expand Arrays, expand
Array_Name, and then click Firewall
For ISA Server 2006 Standard Edition, expand Microsoft
Internet Security and Acceleration Server 2006, expand
Server_Name, and then click Firewall
After you click Apply in the details pane, the policy is
updated. The new policy applies only to new connections.