Solved

Is there any way that we can give internet access on machine basis instead of users.We use ISA 2006.

Posted on 2007-12-04
12
267 Views
Last Modified: 2010-03-17
Hi,

Is there any way that we can give internet access on machine basis instead of users.We use ISA 2006.
So that any user who loggs in to the machine will have internet access
Regards
Sharath
0
Comment
Question by:bsharath
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 2
  • +1
12 Comments
 
LVL 23

Expert Comment

by:Malli Boppe
ID: 20401965
Sharath

Move all the workstations to seperate OU and create group policy.with a dummpy proxy address.
move the all the other workstations to a different OU configure a group policy with a real time proxy address.

0
 
LVL 5

Expert Comment

by:balmasri
ID: 20402202
If your enviroment uses DHCP to distribute IP addresses, Then ON DHCP console reserve an IP address to the computer you want to allow to access the computer then
ON ISA Console
go to Firewall policy>toolbox>new>computer>Create a computer there.
Create an access rule in Firewall plolicy that allow this computer to access external.
0
 
LVL 11

Author Comment

by:bsharath
ID: 20402732
mboppe
Sorry could not follow your method...

balmasri
I need to do this for all the 3000+ computers?
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
LVL 12

Expert Comment

by:chandru_sol
ID: 20404000
What is the need for doing this on computers rather than users?

regards
Chandru
0
 
LVL 11

Author Comment

by:bsharath
ID: 20404136
USers are using internet through Run as and i cannot remove run as as it is used for different applications.So though to plan of a way to give access to machines rather than users.
0
 
LVL 12

Expert Comment

by:chandru_sol
ID: 20404198
what is the credentials they are using for run as?
0
 
LVL 11

Author Comment

by:bsharath
ID: 20404256
They use there friends credentials that has internet permissions.
Say A has internet.
B uses A's credentials to access internet in his machine where in B should not use internet.
We have provided A internet access as he has to look for some materials for the project.

I know that disabling Run as may reduce the risk but need some other way.Monitoring and warning them is not too good as they repeat it again and again.
0
 
LVL 23

Expert Comment

by:Malli Boppe
ID: 20408690
Sharath
you didn't understand my method or you do not want to implement in your case
0
 
LVL 11

Author Comment

by:bsharath
ID: 20408700
mboppe
I did not understand your method...
0
 
LVL 23

Expert Comment

by:Malli Boppe
ID: 20408811
Move all the computers which neeed internet access and write a group policy
USer COnfig-Win Settings->IE Maintenance->Connection->Proxy Settings put a real proxy address( I assume that your are using the proxy address)

Move all the computers which doesn't need internet access and write a group policy with a dummy proxy address.
0
 
LVL 11

Author Comment

by:bsharath
ID: 20408830
mboppe

Users who have dummy proxy can always change the proxy matching othere and again start using Run As right?
0
 
LVL 23

Accepted Solution

by:
Malli Boppe earned 500 total points
ID: 20408937
you need to disbale with the group policy so that users cann't change the proxy address
COMP COnfig->aDMIN tEM->Wind Comp->IE->IE control Panel->Disbale connections Page
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question