?
Solved

Blocking Web Site Access

Posted on 2007-11-20
9
Medium Priority
?
1,719 Views
Last Modified: 2010-04-21
We are looking into the options for blocking access to certain web sites from our LAN.
Server 2003 Sp1.
As near as I can tell there is no way to set this up within 2003. Is this correct?

Our ServGate firewall doesn't seem to have any options in this area but the manual is gone...as are they, it seems.

what are our options?
I have seen a 3rd party proxy application from Wavecrest called Cyblock that might be worth something but I need some input.




0
Comment
Question by:Prester John
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 400 total points
ID: 20324740
The built-in means to do this in 2003/Active Directory is not very manageable/scalable; it involves using Content Advisor settings in Internet Explorer: http://support.microsoft.com/kb/310401

For a more scalable alternative you'll need to look at third-party products, either software-based like ISA server or else an Internet security appliance from any number of vendors.
0
 
LVL 70

Assisted Solution

by:KCTS
KCTS earned 400 total points
ID: 20324752
You can do some stuff with the security features in XP/2003 eg http://www.wikihow.com/Block-a-Website-in-Internet-Explorer

but if you want to do this properly you will have to use a proxy server. These vary in features and price from ISA server http://www.microsoft.com/isaserver/default.mspx to acFreeProxy http://sourceforge.net/projects/acfreeproxy/

0
 
LVL 51

Assisted Solution

by:Netman66
Netman66 earned 400 total points
ID: 20324766
Or WinProxy.  A cheaper alternative to ISA (not nearly as Enterprise either) but it works well for the price.

Content Advisor works well is the sites are Rated.  If not, then the site is blocked unless you check the box to allow unrated sites (which IMHO kind of defeats the purpose).

Another method is to employ a HOSTS file that points these sites to the local loopback address.  Use a Startup script to copy the new file after each update.  You'll find this in \Windows\System32\Drivers\etc.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 74

Assisted Solution

by:Jeffrey Kane - TechSoEasy
Jeffrey Kane - TechSoEasy earned 240 total points
ID: 20324774
StoneG,

You might find this interesting: http:Q_22644344.html, but it's actually a solution to limit ALL but a FEW instead of the other way around.

Depending on the size of your network, there are other ways to just block specific sites as well.  For instance on a smaller network, most smaller routers have web filtering capabilities.


Jeff
TechSoEasy
0
 
LVL 3

Assisted Solution

by:Tom-J-Lael
Tom-J-Lael earned 280 total points
ID: 20324912
This is what I've done in the past. it's a semi interesting approach IMHO...

*IF* you use an internal DNS server:


Create Foward lookup zones for domains you want to block and leave those zones empty.

**Please Note**

This is not going to prevent users from changing what DNS servers they point their machines to.

It's not going to prevent users from using open proxies. You'll need third party software or proxy service for that.

but, I'd like to believe the average user won't put that much effort into trying to browse myspace or whatever...
0
 
LVL 15

Assisted Solution

by:wingatesl
wingatesl earned 280 total points
ID: 20325656
You can install a trial of Surfcontrol Web Filter from www.surfcontrol.com
When the trial expires it will still block the websites you are after.
0
 
LVL 10

Author Comment

by:Prester John
ID: 20329799
Thanks for the input everybody.

I'll look at what has been presented ^ and get back in a few days.
0
 
LVL 10

Author Closing Comment

by:Prester John
ID: 31410271
Passing this problem back to the [ahem] who proposed it because [ahem] is po'd at a VP.

[heh heh]


Thanks for the participation & the good info!
0
 
LVL 10

Author Comment

by:Prester John
ID: 20339804
{stupid option}  what the point of the "additional comments" when selecting the answer & point distribution if they don't show up here?   {stupid option }

Again:

I'm passing this back to [ahem] who proposed this just because [ahem] is po'd at a VP.

[heh heh]



Thanks for the good information, all.
I'm sure it will come in handy in the future.
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There is a lot to be said for protecting yourself and your accounts with 2 factor authentication.  I found to my own chagrin, that there is a big downside as well.
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question