Solved

Restrict Internet Access for Employees

Posted on 2009-04-13
12
411 Views
Last Modified: 2012-05-06
Hi there!
We have a small network of 25 computers (pcs and macs)
Since most of the employees work on a computer, they waste a lot of time surfing and shopping online.
We would like to restrict internet access to only few websites during all hours.
during lunch hours (or after work hours) the access should be open to all sites.
Is there any hardware based (router) solution which gives us flexibility to set different rules for different users? I know few software based solutions, but they cannot restrict mac from accessing internet.
Thanks for any help.
Pradeep
0
Comment
Question by:avrbhv74
  • 4
  • 3
  • 2
  • +3
12 Comments
 
LVL 3

Expert Comment

by:jscornerstone
Comment Utility
http://www.howtoforge.com/blocking-webpages-based-on-keywords-or-phrases-with-safesquid-proxy

check this out, if it's too complicated, just ask me if you need more help.  i know of one website which will allow you to block certain websites for any computer.
0
 
LVL 5

Expert Comment

by:brandonvmoore
Comment Utility
I'm not entirely sure how doing this is implemented, but I know that you can set it up so that the sites get filtered 'before' it gets to the client computers so that it doesn't matter if it's pc/mac/linux/whatever.  However, if you don't already have the stuff in place to enable this functionality then I would probably look into approaching it differently.

For starters, what kind of system do you have in place to measure employee's production?  You don't have to micromanage them, but you should have some sort of way to let the employees see what they've accomplished.  Depending on the type of work they are doing this may be easy or difficult to figure out how to do.  I remember when I had an office job at Sears they weren't sure how to measure what I was doing because they didn't totally even understand what I was doing, so my manager actually asked me to help her come up with a system that would work for me.

On the other end, don't be tolerant of people who surf the web when they aren't supposed to.  Most users don't know anything about deleting their history, and even if they do you can install software that will track their internet usage if you need to.  Be upfront and let them know that their internet usage is monitored and disciplinary action up to and including termination will be enforced.
0
 
LVL 29

Accepted Solution

by:
Michael W earned 500 total points
Comment Utility
I recommend taking a look at open source Untangle (www.untangle.com) appliance platform. It's a downloadable ISO that you install on a separate PC with two network cards (three if you need a DMZ). Its all GUI-driven, thus easy to configure and manage. You do not have to install any software on the desktops. It's totally transparent to the users.

The Untangle appliance has a Web Content Control module that blocks user access to specific Internet websites. The Web Content Control also enables you to choose among these categories to define web content control policies in your workplace. You can also use custom URL blocklists for hosts, domains, and file types to block additional content.

Untangle Site:
http://www.untangle.com/

Untangle Product Overview:
http://www.untangle.com/Product-Overview

Untangle Demo/Video Overview
http://www.untangle.com/video_overview/
0
 
LVL 5

Expert Comment

by:brandonvmoore
Comment Utility
ps - I referring to a software solution in my paragraph, in case that wasn't clear.
0
 

Author Comment

by:avrbhv74
Comment Utility
Dear Brandonvmoore

Thanks for your reply. You bring home an important point about measuring employee's production. I have good system in place to measure productivity of sales people, but not for other support division. Guess I have to find more information in that area. Letting employees know that we are monitoring their internet usage is a good idea, however at this point I think i need a flexible solution (hardware or software) which will let me 'enforce' internet policy in our company.

Thanks for your help!
Pradeep
0
 
LVL 5

Expert Comment

by:brandonvmoore
Comment Utility
You should put on a show next time you catch someone.  Run up to their desk and throw their papers in the air and yell "YOUR FIRED!!!" real loud everyone to hear and carry on for a while.  Then you can calm down and say "I'm just kidding.  But seriously, stop using the internet when you're not supposed to."  

That'll should get everyone's attention ;)
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 

Author Comment

by:avrbhv74
Comment Utility
...haha...that gave me a good laugh. Seriously I tried to embarrass them by telling not to misuse internet in front of everybody but to no avail. I am dealing with Chinese staff here (our office is in Shanghai). After trying many measures I came to the conclusion that restricting internet access according to user and time would be an ideal solution.
0
 
LVL 5

Expert Comment

by:brandonvmoore
Comment Utility
Well, here's another tip for getting through to people that applies to more than just this area:

If you catch someone doing something their not supposed:
1) Ask them if they are aware of the rule they're breaking.
2) Ask them why they felt it was ok to disrespect your authority

This is a technique I use on little children, but sometimes adults need it to.  The key to why this works is because now they don't just think in terms of breaking some random company rule, but it's 'your' rule and it's offensive to you for them to break it.  Just as though they came up to your face and disrespected you.
0
 
LVL 6

Expert Comment

by:peter41
Comment Utility
BMF is traffic shaper for Windows and itprovides configuring by MAC addresses.
http://www.softinengines.com/
0
 
LVL 3

Expert Comment

by:jscornerstone
Comment Utility
I found the website that might help you.  It is called www.keepmeout.com. it might help you check it out.
0
 
LVL 1

Expert Comment

by:mpeacockbc
Comment Utility
I had the same problem as you for a long time, mainly with streaming media. Everyone in the office would listen to their own stations - it was quite the chaotic environment. I installed a ClarkConnect box - it is very similar to the Untangle system mentioned by mwecomputers above. All you need is a spare computer with two nics. Setup is fairly straight forward. I has lots of ability for blocking access to sites by address, type and even content.

( http://www.clarkconnect.com/ )
0
 

Author Closing Comment

by:avrbhv74
Comment Utility
Thanks mwecomputers! I think untangle is the solution I was looking for. The best part is that the basic functionality is free. I will be subscribing to some add-ons which doesn't cost much.
Thanks again!
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
network + 7 72
OWA and AppPool problem 20 108
Encrypting LAN traffic 4 24
network monitoring tools / software 5 48
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Transferring data across the virtual world became simpler but protecting it is becoming a real security challenge.  How to approach cyber security  in today's business world!
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now