leftwing27
asked on
Group policy to restrict internet access
How can I restrict access to the internet using group policy? For instance, some businesses do not allow access to webmail sites. If not through group policy, how is this accomplished?
Thanks
Thanks
-There is the IEAK (internet Explorer Administration Kit) which can be deployed using Group Policy and within that you can create blocked or allowed sites, but it is difficult to maintain.
-Most often it is done using routers that have the capability of allowing or blocking sites
-The best method however is to set up a proxy server. The proxy server will allow you to easily control access to sites, monitor activity, and cache frequently accessed pages to improve efficiency. Some possibilities are:
http://www.computalynx.net/software/cproxy/features.asp
http://www.websense.com
http://www.surfcontrol.com/
http://www.rhinosoft.com/AllegroSurf/
-Most often it is done using routers that have the capability of allowing or blocking sites
-The best method however is to set up a proxy server. The proxy server will allow you to easily control access to sites, monitor activity, and cache frequently accessed pages to improve efficiency. Some possibilities are:
http://www.computalynx.net/software/cproxy/features.asp
http://www.websense.com
http://www.surfcontrol.com/
http://www.rhinosoft.com/AllegroSurf/
1.To setup Group Policy to restrict Internet Access,
a. Active Directory Users and Computers to create a group policy.
b. Click User configuration>Windows Settings>Internet Explorer Maintenance>Connection
c. Check enable proxy Settings and type a fake IP address, for example 192.x.x.x on HTTP
d. Under exception, type the web server IP address, for example 192.xx.xx.xx (Figure).
You can also disable/hide the lan settings page in IE as well so savy users cannot change it.
If you need to restrict very few websites ,you can do this.
http://technet.microsoft.com/en-us/magazine/cc160780.aspx
2.This is actually a free tool called URLLock that might be useful https://www.moonlightdesign.org/urllock/Main_Page
3.Content Advisor
http://www.microsoft.com/technet/prodtechnol/ie/reskit/6/part2/c05ie6rk.mspx?mfr=true
Internet Explorer 6 Security and Privacy Essentials
http://www.microsoft.com/technet/prodtechnol/ie/reskit/6/part2/c05ie6rk.mspx?mfr=true
HOW TO: Use the Internet Explorer 6 Content Advisor to Control Access to Web Sites in Internet Explorer
http://support.microsoft.com/kb/310401
Browse the Web with Internet Explorer 6 and Content Advisor
http://www.microsoft.com/windows/ie/ie6/using/howto/security/contentadv/config.mspx
a. Active Directory Users and Computers to create a group policy.
b. Click User configuration>Windows Settings>Internet Explorer Maintenance>Connection
c. Check enable proxy Settings and type a fake IP address, for example 192.x.x.x on HTTP
d. Under exception, type the web server IP address, for example 192.xx.xx.xx (Figure).
You can also disable/hide the lan settings page in IE as well so savy users cannot change it.
If you need to restrict very few websites ,you can do this.
http://technet.microsoft.com/en-us/magazine/cc160780.aspx
2.This is actually a free tool called URLLock that might be useful https://www.moonlightdesign.org/urllock/Main_Page
3.Content Advisor
http://www.microsoft.com/technet/prodtechnol/ie/reskit/6/part2/c05ie6rk.mspx?mfr=true
Internet Explorer 6 Security and Privacy Essentials
http://www.microsoft.com/technet/prodtechnol/ie/reskit/6/part2/c05ie6rk.mspx?mfr=true
HOW TO: Use the Internet Explorer 6 Content Advisor to Control Access to Web Sites in Internet Explorer
http://support.microsoft.com/kb/310401
Browse the Web with Internet Explorer 6 and Content Advisor
http://www.microsoft.com/windows/ie/ie6/using/howto/security/contentadv/config.mspx
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
sk_raja_raja as mentioned before please quote your sources. Experts-Exchange does not condone plagiarism
https://www.experts-exchange.com/questions/23059014/Can-group-policy-be-used-to-restrict-internet-access-to-certain-users-or-pc's.html
https://www.experts-exchange.com/questions/21744087/Restrict-Internet-access.html
and so on.
https://www.experts-exchange.com/questions/23059014/Can-group-policy-be-used-to-restrict-internet-access-to-certain-users-or-pc's.html
https://www.experts-exchange.com/questions/21744087/Restrict-Internet-access.html
and so on.
https://www.experts-exchange.com/questions/21226658/Restrict-Internet-Access-using-Content-Advisor-and-Group-Policy.html
But you could also accomplish this with a subscription based URL filtering solution like Websence URL Filter
Or a hardware solution like this, http://www.barracudadeals.com/products/web-filter/
or a ISA Server