Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Whats the best way to block access to specific sites?

Posted on 2010-08-25
1
Medium Priority
?
340 Views
Last Modified: 2016-09-30
I work in an environment where we have public access to our information.  This information can be viewed and researched any time for free.  However paper and digital copies of the information to be taken away must be paid for.  Recently the honor system seems to have fallen down as some researchers have been emailing themselves gigabytes of data from our research computers.

Time to restrict access.

Points to note:  I don't control the DNS; the OU that these computers reside in is the ONLY one that should be restricted; there are legitimate reasons to be accessing the internet from our research computers, so we just want to block access to web mail; the solution needs to work for both IE and Firefox, on a mixture of Vista and Win 7 computers.

So far in my research, the hosts file seems to be the 'best' solution, but it's clunky, inflexible and wont accept wild cards.
0
Comment
Question by:Williams Co IT Dept
1 Comment
 

Accepted Solution

by:
Williams Co IT Dept earned 0 total points
ID: 33533528
OK IPSec seems to have resolved the issue!!

A Group Policy Object able to be applied to a single OU, using existing infrastructure, blocking all secure connections on port 443.  This will block some possibly legitimate uses of the internet on those machines, but they will be few and there are other options for the public if they need that.

GPO
Computer Configuration>
Policies>
Windows Settings>
Security Settings>
IP Security Policies>
Created a new IP Security Policy, followed Wizard and added rules for LAN connections that connect through TCP and UDP to port 443.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

2017 was a scary year for cyber security.  Hear what our security experts say that hackers have in store for us in 2018.
The article explains the process to deploy a Self-Service password reset portal I developed a few years ago. Hopefully, it will prove useful to someone.  Any comments, bug reports etc. are welcome...
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question