• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 167
  • Last Modified:

ACL in Firewall

Dea All

I have a group of 60 users, I want to give them the access to the internet only and to prevent them from accessing Msn and other sites.


Thanks
0
ibmas4002
Asked:
ibmas4002
  • 2
1 Solution
 
td_milesCommented:
It depends on your firewall, what do you have ?

Your best bet is probably to use a filtering proxy server like Web Marshal, Suff Patrol, Squid, etc as these are deisgned to blcok content, whereas most firewalls don't do content filtering as good as these purpose-made products.
0
 
srikrishnakCommented:
Agree...regular firewalls may not be able to do the job...i suggest you can install these kind of content blocking softwares along with ISA or your proxy...of if you want to block the HTTP access from your work place n give access to mail then its much easier...
0
 
srikrishnakCommented:
Or as your title suggests if you want to do the job with simple ACL...i am afraid it may not possible..theoretically its possible but there are plenty of work arounds that end user can use to bypass tht...
0
 
jabiiiCommented:
With just an ACL most FW's are top down. so you would simply put a blocking acl from the users IP to the destination group of IP.s which ofc would mean you would have to figure out what all you want to block and add them to that group. then put an allow acl underneath.

But I aggree you should use a proxy server.
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now