• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2646
  • Last Modified:

Control Internet Access with Windows SBS 2011

I have a Windows SBS 2011, It´s my understanding that it only supports one NIC, is this possible? To share internet from the server to my office users?, I want to restrict wath pages users can see, what chats, social networks, etc.

What program can I use so users from my office go through the internet through my Windows SBS? is it possible?, or the easyest way to control this is having a small router?, what could be the cheapeast one and more usefull?
0
marpanet
Asked:
marpanet
  • 4
  • 3
  • 2
  • +2
3 Solutions
 
Cliff GaliherCommented:
This type of control is not possible via SBS. You will need to set up another device/computer/appliance to perform filtering and access control.

-Cliff
0
 
Rob WilliamsCommented:
Many people choose to use OpenDNS as there public DNS server, instead of their ISP. This will allow you to restrict access to various sites. You can obtain a free account which is what most people choose to do , or they have paid accounts that allow more granular control.
http://www.opendns.com/solutions/overview/
0
 
AlwaysLearninCommented:
We use a Checkpoint appliance. It's priced reasonably for what it does. You can subscribe to web, and anti-virus filtering, control chat, and it blocks malicious content. Check it out.
http://www.sofaware.com/overview.aspx?boneId=145&objId=110&nsId=140

I have no association with them, just a satisfied customer.
0
Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

 
marpanetAuthor Commented:
Cgaliher, thank you for the information, but could you help me on the names or models of the devices like routers than can help me with this, I am checking out the solution given by RobWill and I found it to be a simple and great solution, but easy for users to skip this protection, but I will propose that solution to my client to see if he´s happy with that solution.
0
 
Rob WilliamsCommented:
If you also use Group Policy to prevent users from changing their DNS settings it is much more difficult for them to bypass Open DNS. Basic users cannot change their network configuration by default.
Most routers will block web sites, but unless you use a commercial router most are limited to blocking only a handful of sites.
If you want total internal control another option is to set up an internal Proxy server, which allows very granular control as well as caching to improve browsing performance.
0
 
marpanetAuthor Commented:
AlwaysLearnin, when you said "priced reasonably ", it´s a fixed cost for year?, for user?
0
 
AlwaysLearninCommented:
You buy the appliance outright. They start at $300 for 5 users.  Then the web filtering and AV subscription are renewable annually. The pricing is based on the number of users. 5 for $225, 25 for $500, unlimited for $750. It also has a VPN server if they want to connect remotely.

These are the retail prices from their site. You will probably do better through a reseller.
0
 
Cliff GaliherCommented:
Sonicwall has good business-class UTM devices that do filtering. As does Calyptix. If you want to stay all MS, you can set up a server running Microsoft Forefront TMG 2010, or there are preconfigured TMG appliances as well (Celestix.)

Or you could take an older PC, install a few NICs, and run various open-source filtering tools such as Untangle.

You have options.

-Cliff
0
 
marpanetAuthor Commented:
thank you for the information, I will give most of the points to RobWill due to the fact that the solution given by him was the one I implemented and worked! :D
0
 
Rob WilliamsCommented:
Glad to hear it worked out for you.
Thanks marpanet.
Cheers!
--Rob
0
 
jatinaCommented:
Can Open DNS also be used selectively? Some users get full internet access while some users are blocked all except Gmail POP and SMTP ports for outlook?

Thanks,
Jatin
0
 
Rob WilliamsCommented:
With the paid version I believe you can have selective control, but you cannot with the free version.  I have heard Open DNS may be totally changing their pricing structure you may want to confirm that.
0

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

  • 4
  • 3
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now