Solved

Restricting Viewable Websites for group in Windows 2003 domain

Posted on 2006-07-10
5
173 Views
Last Modified: 2013-12-04
I have been tasked with restricting the websites viewable for a small group of employees.  They only need to be able to see 3-4 sites related to work.  I know I can create a proxy server, but for a group this small I'd rather do it via group policy or content restrictions.

I added all the sites as approved in content advisor.  I have been unable to find a GP to block all sites not approved.

I also looked into the security zones, but didn't see anyway to block the internet and view only the trusted sites.

Suggestions?
0
Comment
Question by:kepro
  • 2
5 Comments
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17074184
Simple solution would be to deal with DNS.

Remove DNS from all those machines for the 'small' group.

For these 3 or 4 sites, add dns entries in the 'hosts' file.

So they will be able to launch those sites while the other sites will timeout because of dns resolution.

Quick and neat.

Cheers,
Rajesh
0
 

Author Comment

by:kepro
ID: 17122333
Hmm I was thinking more along the lines of content advisor.  I've added all the sites.  Is there a way to prevent all sites not approved from being visited?
0
 
LVL 32

Accepted Solution

by:
rsivanandan earned 250 total points
ID: 17123218
Well, that will be too much :-) You can achieve that kind of granularity only through a commercial product;

www.websense.com

www.surfcontrol.com

www.n2h2.com

squid on linux etc...

For details on websense, look at one of my previous posts.

http://www.experts-exchange.com/Security/Win_Security/Q_21910905.html

Cheers,
Rajesh
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As I write this article, I am finishing cleanup from the Qakbot virus variant found in the wild on April 18, 2011.  It was a messy beast that had varying levels of infection, speculated as being dependent on how long it resided on the infected syste…
Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question