• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 159
  • Last Modified:

Need FIREWALLL taht will block specific websites on a particuar computer within a network

I work a a school district connected with 2000+ computers.  Most "bad" websites are filtered.  But is there a firewall program that allows you to specify further sites that should be blocked?   The issue, of course, is that this has to work within a network as opposed to an individual home pc.
1 Solution
There are a couple of ways to do this.  The first way is free and involves identifying all the "bad" sites that you want to block by their IP addresses.  Then, you would configure your firewall to block outbound access to those IP addresses.  The pro to this method is the cost...free!  The con to this method is that it is administratively intensive.  The network administrator has to constantly check for bad sites, figure out the IP addresses associated with those sites and then modify the outbound ACL to block them.

The second way to do this is with content filtering software such as Websense or SurfControl.  I have personally used Websense and it is one of the best content filters on the market.  You have to pay for the software plus an annual subscription that entitles you to download the category database which is the brains behind the software.  A team of people at Websense constantly surf the Internet with the purpose of categorizing web sites such that Websense customers can filter based on category.  For instance, you can block all sites that are categorized as adult sites, shopping sites, violence/racist sites, and allow sports sites, IT related sites or anything else.  It can integrate with Active Directory as well such that you can filter based on user ID rather than a global policy that blocks the same stuff for everyone.  For instance, the CEO of a company can be allowed unrestricted Internet access, while the Engineering department only has access to business related websites.  The beauty of this type of filtering in a large environement is that the filtering policy follows the user and is not hard coded to an IP address or specific subnet.  You can check them out at http://www.websense.com.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

WEBINAR: GDPR Implemented - Tips & Lessons Learned

Join the WatchGuard team on Thursday, March 29th as we recount some valuable lessons learned in weighing the needs of a business against the new regulatory environment, look ahead at the two months left before implementation, and help you understand the steps you can take today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now