[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

how to restrict browsing the internet from client machines

Posted on 2010-04-10
9
Medium Priority
?
445 Views
Last Modified: 2012-05-09
I would like to block the internet browsing of 7 out of 9 users on the network, but the machines should be able to access the internet to automatically update the antivirus.

the server is Microsoft Windows Server 2003 R2.
Client Machines are Windows XP Professional.
0
Comment
Question by:Ozzie101
9 Comments
 
LVL 24

Expert Comment

by:B H
ID: 30351925
does your router/firewall device support this?  that would be best.

we use the zyxel zywall 2, it allows for you to specify which ip addresses can access which sites, or deny all sites except a specified list... or block certain sites but allow everything else... etc

http://www.zyxel.com/web/product_family_detail.php?PC1indexflag=20040908175941&CategoryGroupNo=FF94F854-B6F1-47B7-BFB7-4660CF8649C8

there isn't anything built-in to windows that will allow for you to do this...
0
 
LVL 20

Expert Comment

by:wolfcamel
ID: 30352987
you can use a group policy to set a proxy setting in internet explorer - set it to something that doesnt exist or isnt a real proxy.
alternatively - to block some sites for all users - put a dns entry in on your server so when they try to go to the site it wont come up.

each of these methods isnt perfect - ideally you need to run a firewall or proxy server that integrates with active directory.
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 30354830
0
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 24

Expert Comment

by:B H
ID: 30355501
any dns solution is going to require entering every possible domain/host name and setting them to 0.0.0.0 or something invalid

steadystate is awesome for locking down what users can do on the machine but i dont see how it can lock down web browsing

turning on a proxy will prevent windows update, and might mess with other 3rd party programs that rely on the IE proxy settings
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 30355640
"any dns solution is going to require entering every possible domain/host  name and setting them to 0.0.0.0 or something invalid"


No it is not!!!
0
 
LVL 47

Accepted Solution

by:
Donald Stewart earned 1000 total points
ID: 30356024
"steadystate is awesome for locking down what users can do on the machine  but i dont see how it can lock down web browsing"


Web addresses allowed option




featurerestrictions.png
0
 

Author Comment

by:Ozzie101
ID: 30356625
All,

what about using " Set Program Access and defaults " within Windows XP?

if I restrict Internet Explorer, would my antivirus update automatically?
0
 
LVL 24

Expert Comment

by:B H
ID: 30356860
windows updates will run even if you set the default web browser to something else

set program access and defaults is just saying what programs you want things to open in, not weather or not it should be allowed
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 30357556
Try Steady state with the "Prevent internet access(except websites below)" option.


Steady state is free and from microsoft and also has the option of "Windows Disk Protection" which is comparable to Deep Freeze
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Numerous times I have been asked this questions that what is it that makes my machine log on so slow, there have been cases where computers took 23 minute exactly after taking password and getting to the desktop. Interesting thing was the fact th…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
How can you see what you are working on when you want to see it while you to save a copy? Add a "Save As" icon to the Quick Access Toolbar, or QAT. That way, when you save a copy of a query, form, report, or other object you are modifying, you…
There may be issues when you are trying to access Outlook or send & receive emails or due to Outlook crash which leads to corrupt or damaged PST file. To eliminate the corruption from your PST file, you need to repair the corrupt Outlook PST file. U…

590 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question