Solved

Control Internet Access with Windows SBS 2011

Posted on 2011-03-07
12
2,632 Views
Last Modified: 2012-05-11
I have a Windows SBS 2011, It´s my understanding that it only supports one NIC, is this possible? To share internet from the server to my office users?, I want to restrict wath pages users can see, what chats, social networks, etc.

What program can I use so users from my office go through the internet through my Windows SBS? is it possible?, or the easyest way to control this is having a small router?, what could be the cheapeast one and more usefull?
0
Comment
Question by:marpanet
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +2
12 Comments
 
LVL 58

Assisted Solution

by:Cliff Galiher
Cliff Galiher earned 100 total points
ID: 35063286
This type of control is not possible via SBS. You will need to set up another device/computer/appliance to perform filtering and access control.

-Cliff
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 300 total points
ID: 35064035
Many people choose to use OpenDNS as there public DNS server, instead of their ISP. This will allow you to restrict access to various sites. You can obtain a free account which is what most people choose to do , or they have paid accounts that allow more granular control.
http://www.opendns.com/solutions/overview/
0
 
LVL 2

Assisted Solution

by:AlwaysLearnin
AlwaysLearnin earned 100 total points
ID: 35070850
We use a Checkpoint appliance. It's priced reasonably for what it does. You can subscribe to web, and anti-virus filtering, control chat, and it blocks malicious content. Check it out.
http://www.sofaware.com/overview.aspx?boneId=145&objId=110&nsId=140

I have no association with them, just a satisfied customer.
0
How to Defend Against the WCry Ransomware Attack

On May 12, 2017, an extremely virulent ransomware variant named WCry 2.0 began to infect organizations. Within several hours, over 75,000 victims were reported in 90+ countries. Learn more from our research team about this threat & how to protect your organization!

 
LVL 2

Author Comment

by:marpanet
ID: 35070981
Cgaliher, thank you for the information, but could you help me on the names or models of the devices like routers than can help me with this, I am checking out the solution given by RobWill and I found it to be a simple and great solution, but easy for users to skip this protection, but I will propose that solution to my client to see if he´s happy with that solution.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 35071035
If you also use Group Policy to prevent users from changing their DNS settings it is much more difficult for them to bypass Open DNS. Basic users cannot change their network configuration by default.
Most routers will block web sites, but unless you use a commercial router most are limited to blocking only a handful of sites.
If you want total internal control another option is to set up an internal Proxy server, which allows very granular control as well as caching to improve browsing performance.
0
 
LVL 2

Author Comment

by:marpanet
ID: 35071420
AlwaysLearnin, when you said "priced reasonably ", it´s a fixed cost for year?, for user?
0
 
LVL 2

Expert Comment

by:AlwaysLearnin
ID: 35071575
You buy the appliance outright. They start at $300 for 5 users.  Then the web filtering and AV subscription are renewable annually. The pricing is based on the number of users. 5 for $225, 25 for $500, unlimited for $750. It also has a VPN server if they want to connect remotely.

These are the retail prices from their site. You will probably do better through a reseller.
0
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 35074596
Sonicwall has good business-class UTM devices that do filtering. As does Calyptix. If you want to stay all MS, you can set up a server running Microsoft Forefront TMG 2010, or there are preconfigured TMG appliances as well (Celestix.)

Or you could take an older PC, install a few NICs, and run various open-source filtering tools such as Untangle.

You have options.

-Cliff
0
 
LVL 2

Author Closing Comment

by:marpanet
ID: 35084073
thank you for the information, I will give most of the points to RobWill due to the fact that the solution given by him was the one I implemented and worked! :D
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 35084397
Glad to hear it worked out for you.
Thanks marpanet.
Cheers!
--Rob
0
 

Expert Comment

by:jatina
ID: 37587186
Can Open DNS also be used selectively? Some users get full internet access while some users are blocked all except Gmail POP and SMTP ports for outlook?

Thanks,
Jatin
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 37587204
With the paid version I believe you can have selective control, but you cannot with the free version.  I have heard Open DNS may be totally changing their pricing structure you may want to confirm that.
0

Featured Post

How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I’m often asked about newer and larger USB drives connected to SBS2008 and 2011 failing Windows Server Backup vs the older USB drives not failing. As disk space continues to grow and drive technology change SBS2008 and some SBS2011 end up with the f…
I work for a company that primarily works with small businesses as their outsourced IT vendor. As such the majority of these customers utilize some version of Small Business Server. Due to the economics of running a small business, many of these cus…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question