• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 846
  • Last Modified:

Web content filtering -- work laptops at home ?

What "content filtering” software do you recommend when users take their laptops home and use their OWN home internet connections so they still get work's "content filtering” rules ?

6 Solutions
We force the VPN to connect at startup, therefore the user receives the policy.  So they may not be able to access "fun" stuff at home, but remember, it is still a WORK laptop.

I believe that some corporate web filtering software allows you to install on the work laptops.. (download from the companys website) this way the policy updates when the laptop is connected to the work network, but any changes that you make while the laptop is at home will not get applied until either

A.  user connects to the VPN
B.  the laptop is brought back into the office and connects to the network

But remember..  if you go to the Barracuda website, their "slogan" is:

"Complete protection of your DESKTOP network!"

Good Luck
We have some laptops that have air cards in them which allow the user to connect through Verizon's cellular service. Which means they are just out in the wild until they connect to the VPN. We could auto launch the vpn but unfortunately the user can just disconnect and use the Verizon card. So I've started looking at using the content advisor built into IE. I basically setup all my settings on a test laptop and exported the reg entries which i plan to deploy as part of the image though SCCM. (our laptops are about to be upgraded from XP to 7).

Just figured i put another idea out there - http://www.techsupportforum.com/forums/f10/export-content-advisor-settings-147444.html
just a thought..

Set their DNS to your internal DNS (e.g. 10.x.x.x) and give them user privledges only. When they are on the VPN they will be able to access my internal DNS to resolve HTTP request. With user priv, they cannot reset the DNS IP.
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

just like the above,  our users have our proxy coded in via group policy which cannot be changed.

so only way to surf the net is by loggin on to the vpn first.
One of the problems we have is some of our users need to be able to use public wi-fi and places that require them to login won't work because they can't get to the login page. However if this isn't a concern a proxy or DNS definitely seems like the way to go.
finance_teacherAuthor Commented:
Would doing via VPN to get the policy use by my corporate bandwidth ?

 1. user goes to Oracle.com
 2. download a 2GB file
 3. my corporate bandwidth & the user's home bandwidth is used to download this entire file
Brad BouchardInformation Systems Security OfficerCommented:
If they don't have admin rights on their laptops and couldn't change DNS/IP settings you could use OpenDNS and force a proxy or force them to use OpenDNS servers based off a policy inherited from your internal server when they were on the network.  

A much easier way is to do the $12 per user per year option of Barracuda's which allows you to install an agent, that is very lightweight, on any computer and all Internet traffic is routed and checked by Barracuda's filters.  You set what they can and can't access down to the exact file extension and never worry about it again.  I would highly encourage you to think about it:  It's called Web Security Flex

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now