• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 183
  • Last Modified:

Restricting Viewable Websites for group in Windows 2003 domain

I have been tasked with restricting the websites viewable for a small group of employees.  They only need to be able to see 3-4 sites related to work.  I know I can create a proxy server, but for a group this small I'd rather do it via group policy or content restrictions.

I added all the sites as approved in content advisor.  I have been unable to find a GP to block all sites not approved.

I also looked into the security zones, but didn't see anyway to block the internet and view only the trusted sites.

Suggestions?
0
kepro
Asked:
kepro
  • 2
1 Solution
 
rsivanandanCommented:
Simple solution would be to deal with DNS.

Remove DNS from all those machines for the 'small' group.

For these 3 or 4 sites, add dns entries in the 'hosts' file.

So they will be able to launch those sites while the other sites will timeout because of dns resolution.

Quick and neat.

Cheers,
Rajesh
0
 
keproAuthor Commented:
Hmm I was thinking more along the lines of content advisor.  I've added all the sites.  Is there a way to prevent all sites not approved from being visited?
0
 
rsivanandanCommented:
Well, that will be too much :-) You can achieve that kind of granularity only through a commercial product;

www.websense.com

www.surfcontrol.com

www.n2h2.com

squid on linux etc...

For details on websense, look at one of my previous posts.

http://www.experts-exchange.com/Security/Win_Security/Q_21910905.html

Cheers,
Rajesh
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now