Solved

Restricting Viewable Websites for group in Windows 2003 domain

Posted on 2006-07-10
5
170 Views
Last Modified: 2013-12-04
I have been tasked with restricting the websites viewable for a small group of employees.  They only need to be able to see 3-4 sites related to work.  I know I can create a proxy server, but for a group this small I'd rather do it via group policy or content restrictions.

I added all the sites as approved in content advisor.  I have been unable to find a GP to block all sites not approved.

I also looked into the security zones, but didn't see anyway to block the internet and view only the trusted sites.

Suggestions?
0
Comment
Question by:kepro
  • 2
5 Comments
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17074184
Simple solution would be to deal with DNS.

Remove DNS from all those machines for the 'small' group.

For these 3 or 4 sites, add dns entries in the 'hosts' file.

So they will be able to launch those sites while the other sites will timeout because of dns resolution.

Quick and neat.

Cheers,
Rajesh
0
 

Author Comment

by:kepro
ID: 17122333
Hmm I was thinking more along the lines of content advisor.  I've added all the sites.  Is there a way to prevent all sites not approved from being visited?
0
 
LVL 32

Accepted Solution

by:
rsivanandan earned 250 total points
ID: 17123218
Well, that will be too much :-) You can achieve that kind of granularity only through a commercial product;

www.websense.com

www.surfcontrol.com

www.n2h2.com

squid on linux etc...

For details on websense, look at one of my previous posts.

http://www.experts-exchange.com/Security/Win_Security/Q_21910905.html

Cheers,
Rajesh
0

Featured Post

New My Cloud Pro Series - organize everything!

With space to keep virtually everything, the My Cloud Pro Series offers your team the network storage to edit, save and share production files from anywhere with an internet connection. Compatible with both Mac and PC, you're able to protect your content regardless of OS.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, a new law in my state forced us to get a top-to-bottom analysis of all of our contract client's networks. While we have documentation, it was spotty at best for some - and in any event it needed to be checked against reality. That was m…
SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

896 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now