Solved

Control Internet Access with Windows SBS 2011

Posted on 2011-03-07
12
2,604 Views
Last Modified: 2012-05-11
I have a Windows SBS 2011, It´s my understanding that it only supports one NIC, is this possible? To share internet from the server to my office users?, I want to restrict wath pages users can see, what chats, social networks, etc.

What program can I use so users from my office go through the internet through my Windows SBS? is it possible?, or the easyest way to control this is having a small router?, what could be the cheapeast one and more usefull?
0
Comment
Question by:marpanet
  • 4
  • 3
  • 2
  • +2
12 Comments
 
LVL 56

Assisted Solution

by:Cliff Galiher
Cliff Galiher earned 100 total points
ID: 35063286
This type of control is not possible via SBS. You will need to set up another device/computer/appliance to perform filtering and access control.

-Cliff
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 300 total points
ID: 35064035
Many people choose to use OpenDNS as there public DNS server, instead of their ISP. This will allow you to restrict access to various sites. You can obtain a free account which is what most people choose to do , or they have paid accounts that allow more granular control.
http://www.opendns.com/solutions/overview/
0
 
LVL 2

Assisted Solution

by:AlwaysLearnin
AlwaysLearnin earned 100 total points
ID: 35070850
We use a Checkpoint appliance. It's priced reasonably for what it does. You can subscribe to web, and anti-virus filtering, control chat, and it blocks malicious content. Check it out.
http://www.sofaware.com/overview.aspx?boneId=145&objId=110&nsId=140

I have no association with them, just a satisfied customer.
0
 
LVL 2

Author Comment

by:marpanet
ID: 35070981
Cgaliher, thank you for the information, but could you help me on the names or models of the devices like routers than can help me with this, I am checking out the solution given by RobWill and I found it to be a simple and great solution, but easy for users to skip this protection, but I will propose that solution to my client to see if he´s happy with that solution.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 35071035
If you also use Group Policy to prevent users from changing their DNS settings it is much more difficult for them to bypass Open DNS. Basic users cannot change their network configuration by default.
Most routers will block web sites, but unless you use a commercial router most are limited to blocking only a handful of sites.
If you want total internal control another option is to set up an internal Proxy server, which allows very granular control as well as caching to improve browsing performance.
0
 
LVL 2

Author Comment

by:marpanet
ID: 35071420
AlwaysLearnin, when you said "priced reasonably ", it´s a fixed cost for year?, for user?
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 2

Expert Comment

by:AlwaysLearnin
ID: 35071575
You buy the appliance outright. They start at $300 for 5 users.  Then the web filtering and AV subscription are renewable annually. The pricing is based on the number of users. 5 for $225, 25 for $500, unlimited for $750. It also has a VPN server if they want to connect remotely.

These are the retail prices from their site. You will probably do better through a reseller.
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 35074596
Sonicwall has good business-class UTM devices that do filtering. As does Calyptix. If you want to stay all MS, you can set up a server running Microsoft Forefront TMG 2010, or there are preconfigured TMG appliances as well (Celestix.)

Or you could take an older PC, install a few NICs, and run various open-source filtering tools such as Untangle.

You have options.

-Cliff
0
 
LVL 2

Author Closing Comment

by:marpanet
ID: 35084073
thank you for the information, I will give most of the points to RobWill due to the fact that the solution given by him was the one I implemented and worked! :D
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 35084397
Glad to hear it worked out for you.
Thanks marpanet.
Cheers!
--Rob
0
 

Expert Comment

by:jatina
ID: 37587186
Can Open DNS also be used selectively? Some users get full internet access while some users are blocked all except Gmail POP and SMTP ports for outlook?

Thanks,
Jatin
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 37587204
With the paid version I believe you can have selective control, but you cannot with the free version.  I have heard Open DNS may be totally changing their pricing structure you may want to confirm that.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Suggested Solutions

The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
You may have discovered the 'Compatibility View Settings' workaround for making your SBS 2008 Remote Web Workplace 'connect to a computer' section stops 'working around' after a Windows 10 client upgrade.  That can be fixed so it 'works around' agai…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now