Solved

Controling Internet Access

Posted on 2013-06-26
4
284 Views
Last Modified: 2013-08-13
I have a network that is primarily server 2008 R2 and windows 7  with a few xp machines still left.

We need to lock down internet access on production floor terminals to prevent abuse. Theere are several clound servics that all users need and thus need internet access for so I need help with a way to lock down access except these specific sites.

Also there are 2-3 users that need to use these same machines that need full unrestricted internet access when they log in.

There is really not a budget so it would be hard to buy any 3rd party warez. is there a way to do this in server 2008 with GPO's maybe?

I am very green on GPO's use and creation so I wanted to see if someone maybe had a example of something similar?
0
Comment
Question by:ATL74
  • 2
4 Comments
 
LVL 19

Expert Comment

by:Miguel Angel Perez Muñoz
ID: 39278128
You can use linux with squid, you need any kind of proxy to control Internet access.
0
 

Author Comment

by:ATL74
ID: 39278631
Looking for more of a GPO method if possible to do this with what we have and not buy things or install additional items to the network.
0
 
LVL 12

Accepted Solution

by:
TomRScott earned 500 total points
ID: 39279906
When you reference "Internet access" do you really mean all Internet access, including e-mail, etc, or just web on the Internet?

What firewall are you using?

Depending on the firewall, you may be able to have it proxy web access based on user ID. Some firewalls support LDAP linkage to AD to acquire user names and may be able to restrict all but those in a given AD (or firewall) user group.

Because you wish to have permitted users accessing otherwise restricted sites from the otherwise restricted workstations, some proxy system is probably your best bet. If all you wanted was to restrict ALL Internet access, you could just drop the gateway address from the restricted workstations (if production does NOT need access to another LAN).

 - Tom
0
 

Author Comment

by:ATL74
ID: 39281049
I just wan to drop website access not email and such and only drop website access for some users. There about 10 sites for SaS applications that all users need access to.

Using Sonicwall Tz 200 firewall but we would rather handle it based on GPO if possible.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Data breaches are on the rise, and companies are preparing by boosting their cybersecurity budgets. According to the Cybersecurity Market Report (http://www.cybersecurityventures.com/cybersecurity-market-report), worldwide spending on cybersecurity …
OnPage: Incident management and secure messaging on your smartphone
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question