iptrader
asked on
Limit access to the internet on an individual basis
I work in a small company, about 200 users or so. Internet abuse is starting to become an issue and HR has asked us to do something about it. They want us to grant/deny Internet access rights based on need. What is the easiest way to do this in a Windows Server 2003/Windows XP environment?
Thanks in advance,
IPT
Thanks in advance,
IPT
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You can also do that with Group policies that either allow or deny IE use for a group of users
You can block Internet Explorer with group policy, but this does nothing to control Internet Access...it just controls IE. A user can still run firefox or another browser and go anywhere on the web they want and you can even run firefox from a usb drive :)
For some that may be enough, but if you are looking for a complete Internet control solution then a proxy or a firewall is what you are going to need.
For some that may be enough, but if you are looking for a complete Internet control solution then a proxy or a firewall is what you are going to need.
Also take a look at SpectorCNE Software
can I just make another point everyone seems to have forgotten :) IE blocking won't just block them from using it for the internet, it'll stop internal web browsing as well.
If you want more information on ISA, there's a wealth of information at http://isaserver.org and as scampgb suggested it'll do everything you want plus a bit more (it's actually turning into a pretty decent piece of firewall software as well as the proxy stuff it started out as).
You can get as granular as allowing specific people certain amounts of bandwidth during certain times, restricting site access, port restrictions, logging of traffic, etc.. and you can base everything on your existing domain accounts and groups. It's not overly cheap though (cheap-er for govt and academic institutions), so with only 200 users another less expensive option may fulfil your requirements.
If you want more information on ISA, there's a wealth of information at http://isaserver.org and as scampgb suggested it'll do everything you want plus a bit more (it's actually turning into a pretty decent piece of firewall software as well as the proxy stuff it started out as).
You can get as granular as allowing specific people certain amounts of bandwidth during certain times, restricting site access, port restrictions, logging of traffic, etc.. and you can base everything on your existing domain accounts and groups. It's not overly cheap though (cheap-er for govt and academic institutions), so with only 200 users another less expensive option may fulfil your requirements.
Hi iptrader - can you please provide some feedback to the experts on this question? Do you want some clarification on any of the suggestions?
If this question is resolved and you don't know how to close it, the options are here: https://www.experts-exchange.com/help.jsp#hs5
thanks!
If this question is resolved and you don't know how to close it, the options are here: https://www.experts-exchange.com/help.jsp#hs5
thanks!