Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 328
  • Last Modified:

Block all web access with exceptions

Basically we have just istalled sbs 2003 and the boss wants to block all internet access with the exception of a few sites that staff need to access. There is msn use, facebook etc not to mention game playing.
We are SBS 2003 premium (not r2) and too late for the isa update that i believe had to be ordered on disk.
There are 3 -4 sites that we want to restrict users to (power users must still have al l access) and of course still allow pc's to update.
Clients currently view internet via proxy server on port 8080 - isa server.

Now I am rather green at this - did not set up the proxy server myself although did install the server / network etc - so please keep instructions as basic and step by step as possible.

Thanks - Brett.
0
Brett_Parker
Asked:
Brett_Parker
  • 3
  • 2
1 Solution
 
DonNetwork AdministratorCommented:
0
 
Brett_ParkerAuthor Commented:
Thanks,

I will give it a go this evening - i am a little suprised as i thought the ISA could stop sites.

Brett.
0
 
Brett_ParkerAuthor Commented:
OK,
Well i have given it a go.

It does not seem as though you can set groups with permissions (as i mentioned above it is only those listed as 'users' we wish to stop - all power users must still have access to the entire web) unless a second static ip address is purchased.

also, our main problems are facebook and MSN - the open dns works fine and blocks myspace, porn sites etc. However i am still able to view Facebook on client workstations, have not tested MSN yet but to be honest if this cant block facebook then it is of no use.

i did try and leave a message on their forum, 8 times in fact but for some reason the page timed out (maybe they are blocking parts of their own site - who knows) so decided to return here for further guidance.

If ISA cannot do this (our previous network ran through a netgear router and there was no problems at all) is it really worth the money? i feel sure as a firewall it must have the ability to block all sites for clients in the users group (with a few exceptions) whilst letting power users connect to everything?


Regards - Brett
0
 
DonNetwork AdministratorCommented:
Try windows steady state
http://www.microsoft.com/downloads/details.aspx?FamilyID=d077a52d-93e9-4b02-bd95-9d770ccdb431&displaylang=en
 
You can configure the machines so that they can only go to sites you specify. You will find many other settings you might find useful as well.
0
 
Brett_ParkerAuthor Commented:
Hello again,

I found other settings that are usefull (an answer to the MSN problem) however when reading the documentation this will not work if connection is through a proxy server (which is how the workstations connect).

Would it be possible to create a second proxy on a different port - block all sites with exceptions and point the users to that whilst the power usuers continue to access through the original?

Brett.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now