We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now

x

url filtering

mhab12
mhab12 asked
on
Medium Priority
2,643 Views
Last Modified: 2008-01-09
What is the best free solution to provide access to only a select set of websites like a white list.  Our office currently uses a WebRamp (RampNetworks was purchased by Nokia and later shut down).  It is limited to 255 allowed addresses.  I was looking at using IPCop with the URL Filter add on.  I'm comfortable with installing a router package like those and M0n0wall, but probably wouldn't make it through manually configuring Squid or the like.  Thoughts on Redwall fireall, pfSense, Smoothwall?  Any insight would be great.  Thanks.
Comment
Watch Question

Sr. Systems Engineer
CERTIFIED EXPERT
Top Expert 2008
Commented:
Do you have a Windows server and do you have an internal DNS?
An internal DNS server is the simplest solution. Don't add forwarders or root hints, just add records for those individual sites that you want to connect to. Block outbound dns at the router.
What type of WAN connection do you have? Many routers like Linksys have this capability to set up a white list.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
We do run a Windows DNS server, however the issue is that certain clients use a different default gateway to have unrestricted access while others use this gateway to receive only filtered access.  Both groups of clients use the same DNS server for local name resolution, and right now for WAN name resolution as well.

More of my current situation is in a another question...
http://www.experts-exchange.com/Networking/Q_22049832.html
Les MooreSr. Systems Engineer
CERTIFIED EXPERT
Top Expert 2008

Commented:
A 2nd DNS server would be simple to set up. One to serve only the restricted users.

Any Windows server or any Linux box would work.

Author

Commented:
What would be the situation with an unrestricted client from DNS1 trying to access a restricted DHCP client from DNS2 or vice versa?  Currently records are created via DHCP or by Windows clients (register this connection's address in DNS).  I really like your solution and can't believe how easy it would be to administer.  Talk me through how the two DNS databases could be synced or otherwise communicate.

Author

Commented:
Another thought...would these entries in the filtering DNS server be static?  Would I have to update them whenever the target IP of a given URL actually changed?
Top Expert 2006
Commented:
You can use a proxy server. If you want you can buy WinProxy. It has URL filtering support.

If you don't want to buy one, then you can try SquidNT. Its a squid proxy server for Windows Platform.
And you can configure it to do the URL filtering.
Les MooreSr. Systems Engineer
CERTIFIED EXPERT
Top Expert 2008

Commented:
That's one problem with a white list. It's a manual process and urls and ips are always subject to change.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.