Blocking internet access to machines on a network


Are there any applications out there that can block access to the internet over a network. So from me PC i can block access to a certain computer on the network. I found Internet Access Controller 2007 but that has to be install in each individual machine and cannot block over the network.

Can anyone name me some software which does this?

Thanks in advance!
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

why dont you use mac filtering on your router? I know that works great, because I am using that :D
matrix_aashAuthor Commented:
This is within a company. We have lots of switches and routers connection from a bussiness internet line. I wish it was as simple as doing mac filtering! The only way i could do this is on our wireless router but everyone who access that is allowed on the internet.
I guess you should use a proxy with authentication. With this you can block internet access and also monitor everything.
Increase Security & Decrease Risk with NSPM Tools

Analyst firm, Enterprise Management Associates (EMA) reveals significant benefits to enterprises when using Network Security Policy Management (NSPM) solutions, while organizations without, experienced issues including non standard security policies and failed cloud migrations

Aaron StreetInfrastructure ManagerCommented:
yep we use a proxy with authentication..

then we have a security group (or two in AD that has permissions to the proxy)

users are added or removed to these group depending if they have internet access or not..

and as only the proxy server can get out to the internet. then any one not in the groups are blocked.

you can also allow diffefent access depening on whaich group they are in. so you can have an unrestriced group for IT admins (letting you download and go to all sites.)

and more restricted for other uese. even doing things like blocking face book out side of break time..

for good control its a great way to go, and with a caching proxy you also reduce WAN usage
matrix_aashAuthor Commented:
Do you know an estimated cost of Websense?
Websense is good, but expensive.  A good product I have used is untangle.  It is just as good, user friendly and very powerful.
You could also use group policy to block running the application.

Aaron StreetInfrastructure ManagerCommented:
or you could use gp to close ports in the firewall to prevent web access..
so basicly turn of http traffic in windeows fire wall using GP's
There are also several OpenSource applications that can do this which are complete Linux distros you install on a multi-homed PC. They are firewall-routers, (with lots of other stuff) which can do the job for you very easily. They all have web based interfaces and you can turn off a PC via IP/MAC, set a time they can go to the Internet and lots of other stuff.

I am and have been an advocate of ClarkConnect, thier community edition. It is free. Works well and you can simply do a lot with it, including what you want to do.

Check it out;


Again, all you need is an older unused PC with a couple of NICs.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Question, you said you have a company network.  Is there some type of Proxy or Firewall currently protecting the network?

Comment: WebSense, SurfControl, GFI are all fine for URL filtering but if I heard your question you want to allow all axcept a few machines access the Internet.

If I knew more of what your had currently it would be easier to suggest a path forward.

We use a product called IPRISM.  At the firewall level just create a rule to block that specific PC from port 80.  
Hmmm.... without further reasoning from the asker, matrix_aash, why he wants to close this thread;

I object.

There are several good and accurate answers to his question!

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Management

From novice to tech pro — start learning today.