aucklandnz
asked on
Firefox proxy
My GPO that sets the user's proxy settings in IE of
course does not work on users that run Firefox. Has anyone come up with a
solution to this?
course does not work on users that run Firefox. Has anyone come up with a
solution to this?
FireFoxADM will work however I decided not to install it and instead opted for setting the proxy to use a PAC file instead. We install Firefox on someones desk and point it to the PAC (Proxy auto-config) file and job done.
I did not want to install a Non Microsoft adm into our Domain so the PAC file was the only way.
More details on using a PAC file can be found here
http://msdn.microsoft.com/en-us/library/aa383910.aspx
Darren
I did not want to install a Non Microsoft adm into our Domain so the PAC file was the only way.
More details on using a PAC file can be found here
http://msdn.microsoft.com/en-us/library/aa383910.aspx
Darren
Either firefoxadm works (I never tested it), either you can ease the proxy setting definition on browser's side a bit, via a PAC file, as mentionned above, OR/AND via the WPAD protocol, to allow "automatic proxy detection" (see the checkbox in your browsers - IE as well as anything else):
You can read my post about WPAD & PAC file here : https://www.experts-exchange.com/questions/24343652/configure-wpad-on-DHCP.html
I hope this helps
You can read my post about WPAD & PAC file here : https://www.experts-exchange.com/questions/24343652/configure-wpad-on-DHCP.html
I hope this helps
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Probably.
I used transparent proxies because of some guys using portable applications, like portable firefox.
If you want to secure your outgoing connections, you'll have to force everyone / every browser to go thgrough the proxy
That requires outgoing restrictions, a transparent proxy and something quite simple to configure every browser
GPO for IE, Firefoxadm for Firefox and something simple for the rest, like automatic proxy detection (WPAD)
I'm just giving these information to make a complete solution
I used transparent proxies because of some guys using portable applications, like portable firefox.
If you want to secure your outgoing connections, you'll have to force everyone / every browser to go thgrough the proxy
That requires outgoing restrictions, a transparent proxy and something quite simple to configure every browser
GPO for IE, Firefoxadm for Firefox and something simple for the rest, like automatic proxy detection (WPAD)
I'm just giving these information to make a complete solution
Disabling USB ports took care of using portable apps for us :-)
portable apps don't mean "on USB", it can be locally
it doesn't require any admin privilege. You just download, unzip, launch
This kind of fight is endless
it doesn't require any admin privilege. You just download, unzip, launch
This kind of fight is endless
The only way to really stop anyone using the internet other than through the proxy server is to only allow HTTP traffic through a select range of IP Address.
We only allow around six IP address to go to the internet. Our two Proxy Servers and 4 IT Administrators. All other staff and server HAVE to go through the proxy server regardless of what browser or the position in the company they hold.
Darren
We only allow around six IP address to go to the internet. Our two Proxy Servers and 4 IT Administrators. All other staff and server HAVE to go through the proxy server regardless of what browser or the position in the company they hold.
Darren
http://sourceforge.net/projects/firefoxadm