Solved

Controling Internet Access

Posted on 2013-06-26
4
281 Views
Last Modified: 2013-08-13
I have a network that is primarily server 2008 R2 and windows 7  with a few xp machines still left.

We need to lock down internet access on production floor terminals to prevent abuse. Theere are several clound servics that all users need and thus need internet access for so I need help with a way to lock down access except these specific sites.

Also there are 2-3 users that need to use these same machines that need full unrestricted internet access when they log in.

There is really not a budget so it would be hard to buy any 3rd party warez. is there a way to do this in server 2008 with GPO's maybe?

I am very green on GPO's use and creation so I wanted to see if someone maybe had a example of something similar?
0
Comment
Question by:ATL74
  • 2
4 Comments
 
LVL 19

Expert Comment

by:Miguel Angel Perez Muñoz
ID: 39278128
You can use linux with squid, you need any kind of proxy to control Internet access.
0
 

Author Comment

by:ATL74
ID: 39278631
Looking for more of a GPO method if possible to do this with what we have and not buy things or install additional items to the network.
0
 
LVL 12

Accepted Solution

by:
TomRScott earned 500 total points
ID: 39279906
When you reference "Internet access" do you really mean all Internet access, including e-mail, etc, or just web on the Internet?

What firewall are you using?

Depending on the firewall, you may be able to have it proxy web access based on user ID. Some firewalls support LDAP linkage to AD to acquire user names and may be able to restrict all but those in a given AD (or firewall) user group.

Because you wish to have permitted users accessing otherwise restricted sites from the otherwise restricted workstations, some proxy system is probably your best bet. If all you wanted was to restrict ALL Internet access, you could just drop the gateway address from the restricted workstations (if production does NOT need access to another LAN).

 - Tom
0
 

Author Comment

by:ATL74
ID: 39281049
I just wan to drop website access not email and such and only drop website access for some users. There about 10 sites for SaS applications that all users need access to.

Using Sonicwall Tz 200 firewall but we would rather handle it based on GPO if possible.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now