How can I block some webites (Facebook.com) form being accessed by all network users within a Windows server 2003 domain?

Hi,

I need to know how can I go about blocking some users within a Windos server 2003 domain to access and view some websites in particular www.facebook.com? However I would like if possible to allow those users to access those blocked websites but only one or two hours a day.
I have a windows server 2003 with DNS and DHCP installed.
Can I configure DNS on the server in order to archive that?
I do not want to configure each computer manually!
WLMNAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

felnyCommented:
Here there are a couple of software that could help you.

In your case, i would prefer surfcontrol. It is a good one, and ease to manag.

http://www.surfcontrol.com/
http://www.microsoft.com/isaserver/default.mspx
0
lrmooreCommented:
Create a bogus dns zone for facebook.com and an A record for www pointing to a local IP address that does not have a web server running.
Quick and dirty, zero cost.

0
WLMNAuthor Commented:
Hi,
How can I create a Bogus DNS zone for facebook.com and an A record record for www pointing to a local IP Address?
0
Challenges in Government Cyber Security

Has cyber security been a challenge in your government organization? Are you looking to improve your government's network security? Learn more about how to improve your government organization's security by viewing our on-demand webinar!

lrmooreCommented:
Go into your local DNS server, create a new zone called facebook.com, then create a new A record in that zone for host www and give it an ip address on your local LAN.
As long as local clients point to your DNS server they will never get a proper name resolution for www.facebook.com. Some users may be smart enough to figure out the IP address on their own and still be able to go directly to the IP address. To get around that, block the IP at the firewall.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
WLMNAuthor Commented:
Hi,
If the IP Address of www.facebook.com is blocked on the firewall or internet router, What is the point is creating a DNS zone?
0
lrmooreCommented:
The IP's can change, the name won't.
Only the most saavy users will find a way around it and if you have that many saavy users and this is a problem, then you need to look at alternatives like a web content filter.
0
WLMNAuthor Commented:
Hi,
Thanks for the above answers.
ok...I understand you now..
I will try that and let you know abot the outcome!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
DNS

From novice to tech pro — start learning today.