Solved

Controling Internet Access

Posted on 2013-06-26
4
282 Views
Last Modified: 2013-08-13
I have a network that is primarily server 2008 R2 and windows 7  with a few xp machines still left.

We need to lock down internet access on production floor terminals to prevent abuse. Theere are several clound servics that all users need and thus need internet access for so I need help with a way to lock down access except these specific sites.

Also there are 2-3 users that need to use these same machines that need full unrestricted internet access when they log in.

There is really not a budget so it would be hard to buy any 3rd party warez. is there a way to do this in server 2008 with GPO's maybe?

I am very green on GPO's use and creation so I wanted to see if someone maybe had a example of something similar?
0
Comment
Question by:ATL74
  • 2
4 Comments
 
LVL 19

Expert Comment

by:Miguel Angel Perez Muñoz
ID: 39278128
You can use linux with squid, you need any kind of proxy to control Internet access.
0
 

Author Comment

by:ATL74
ID: 39278631
Looking for more of a GPO method if possible to do this with what we have and not buy things or install additional items to the network.
0
 
LVL 12

Accepted Solution

by:
TomRScott earned 500 total points
ID: 39279906
When you reference "Internet access" do you really mean all Internet access, including e-mail, etc, or just web on the Internet?

What firewall are you using?

Depending on the firewall, you may be able to have it proxy web access based on user ID. Some firewalls support LDAP linkage to AD to acquire user names and may be able to restrict all but those in a given AD (or firewall) user group.

Because you wish to have permitted users accessing otherwise restricted sites from the otherwise restricted workstations, some proxy system is probably your best bet. If all you wanted was to restrict ALL Internet access, you could just drop the gateway address from the restricted workstations (if production does NOT need access to another LAN).

 - Tom
0
 

Author Comment

by:ATL74
ID: 39281049
I just wan to drop website access not email and such and only drop website access for some users. There about 10 sites for SaS applications that all users need access to.

Using Sonicwall Tz 200 firewall but we would rather handle it based on GPO if possible.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ensuring effective and secure communication in the age of healthcare BYOD.
One of the biggest threats in the cyber realm pertains to advanced persistent threats (APTs). This paper is a compare and contrast of Russian and Chinese APT's.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question