Solved

Block all web access with exceptions

Posted on 2009-04-13
5
321 Views
Last Modified: 2012-05-06
Basically we have just istalled sbs 2003 and the boss wants to block all internet access with the exception of a few sites that staff need to access. There is msn use, facebook etc not to mention game playing.
We are SBS 2003 premium (not r2) and too late for the isa update that i believe had to be ordered on disk.
There are 3 -4 sites that we want to restrict users to (power users must still have al l access) and of course still allow pc's to update.
Clients currently view internet via proxy server on port 8080 - isa server.

Now I am rather green at this - did not set up the proxy server myself although did install the server / network etc - so please keep instructions as basic and step by step as possible.

Thanks - Brett.
0
Comment
Question by:Brett_Parker
  • 3
  • 2
5 Comments
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24133232
0
 

Author Comment

by:Brett_Parker
ID: 24136052
Thanks,

I will give it a go this evening - i am a little suprised as i thought the ISA could stop sites.

Brett.
0
 

Author Comment

by:Brett_Parker
ID: 24151145
OK,
Well i have given it a go.

It does not seem as though you can set groups with permissions (as i mentioned above it is only those listed as 'users' we wish to stop - all power users must still have access to the entire web) unless a second static ip address is purchased.

also, our main problems are facebook and MSN - the open dns works fine and blocks myspace, porn sites etc. However i am still able to view Facebook on client workstations, have not tested MSN yet but to be honest if this cant block facebook then it is of no use.

i did try and leave a message on their forum, 8 times in fact but for some reason the page timed out (maybe they are blocking parts of their own site - who knows) so decided to return here for further guidance.

If ISA cannot do this (our previous network ran through a netgear router and there was no problems at all) is it really worth the money? i feel sure as a firewall it must have the ability to block all sites for clients in the users group (with a few exceptions) whilst letting power users connect to everything?


Regards - Brett
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24151260
Try windows steady state
http://www.microsoft.com/downloads/details.aspx?FamilyID=d077a52d-93e9-4b02-bd95-9d770ccdb431&displaylang=en
 
You can configure the machines so that they can only go to sites you specify. You will find many other settings you might find useful as well.
0
 

Accepted Solution

by:
Brett_Parker earned 0 total points
ID: 24182708
Hello again,

I found other settings that are usefull (an answer to the MSN problem) however when reading the documentation this will not work if connection is through a proxy server (which is how the workstations connect).

Would it be possible to create a second proxy on a different port - block all sites with exceptions and point the users to that whilst the power usuers continue to access through the original?

Brett.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the event you manage a Small Business Server 2003, and you are audited for PCI compliance, there are several changes you must make in order to pass the audit. I can take no credit for discovering any of these fixes or workarounds, but there is no…
Introduction At 19:33 (UST) on Tuesday 21st September the long awaited email arrived with the subject title of “ANNOUNCING THE AVAILABILITY OF WINDOWS SBS 7 PREVIEW”.  It was time to drop whatever I was doing and dedicate as much bandwidth as possi…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question