Solved

Only Allow Access to Certain Webpages on a Domain Computer

Posted on 2014-01-14
10
353 Views
Last Modified: 2014-11-12
Hello,
     I currently have a domain machine running Windows 7 Professional on which I want to restrict the use to only using Outlook, a custom DB application, and Google drive. I'm having trouble restricting web use using tools built into Windows. I was going to use a proxy, but since Google drive is HTTPS, I'm having trouble with it. Does anybody have any suggestions?

Thanks!
0
Comment
Question by:indigo6
10 Comments
 
LVL 19

Assisted Solution

by:helpfinder
helpfinder earned 100 total points
ID: 39780481
there is a many ways, as you mentioned proxy, you can use some URL filters (white list) on your router or you can configure some VLAN like this (depends on your skills and network infrastructure)

Simple but not ideal solution how to do this is also use GPO and set IE proxy settings so only listed URLs will be accessible (but this will work only for IE, so you have to uninstall other web browsers if any and also probably it won´t work if somebody put USB stick and uses portable browser - depends how IT experienced users you have :))

Anyway that GPO is like this:
gpo
0
 
LVL 50

Expert Comment

by:jcimarron
ID: 39780748
indigo6--
Use IE's Content Advisor (now called Family Safety).  (Do not be put off by the mention of its use with children.)
IE Tools|Internet Options|Content tab.
http://windows.microsoft.com/en-us/windows/using-content-advisor-block-inappropriate-content#1TC=windows-7  Click the "To Block or Allow Specific Websites" link.

There are third party apps such as K-9 that perform similarly.
http://www1.k9webprotection.com/
0
 
LVL 3

Expert Comment

by:Kyle Green
ID: 39780976
Another route, if you wish, put a PFSense box between the edge of your network and the network itself. You don't even need to use a proxy program but have it check requests and using firewall filters (you could do this with like... 3 rules...) just specify your allowed sites and then at the bottom but a blanket deny all rule. Realize this would also cut off Windows Update. It will however handle the HTTPS because it will be checking the destination address as requested in DNS.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:indigo6
ID: 39783973
I'm leaning towards using Content Advisor, but even when I add the entire google domain, it still asks for the password.
0
 
LVL 50

Expert Comment

by:jcimarron
ID: 39784062
indigo6--
Have you rebooted since setting Content Advisor up?

Is this the Content Advisor password being asked for or the IE password?

Are you allowed access to the Google sites when you enter the password?

I am not sure if this is the password to which you refer
http://www.wikihow.com/Remove-Content-Advisor-Password-in-Internet-Explorer
0
 

Author Comment

by:indigo6
ID: 39784273
It is the content advisor password. I am allowed to access the webpage for that browsing session. However, if I close IE and then reopen it, it asks again. But my allow list includes *.google.com, so the entire domain should be allowed.
0
 
LVL 50

Accepted Solution

by:
jcimarron earned 400 total points
ID: 39786019
indigo6--
You should not have to use a password to access allowed sites in Content Advisor.  
I do not know the procedure you used to set Content Advisor up.  Here is a short summary of the MS suggested procedure
http://windows.microsoft.com/en-us/windows/using-content-advisor-block-inappropriate-content#1TC=windows-7

But if that is what you used then here is an alternative method.
http://www.gegeek.com/documents/BAF79EC8E64F7DC911EF68D42485ABF1E8EF0D42.html
0
 

Author Comment

by:indigo6
ID: 39786570
jcimarron, I used the second method, and the problem was that I had to specify the protocol, that is, I had to type https://... in the allowed sites list. Thanks!
0
 

Author Closing Comment

by:indigo6
ID: 39786596
I ended up using the solution by jcimarron, I may use a proxy later, but this is ok for now.
0
 
LVL 50

Expert Comment

by:jcimarron
ID: 39786755
indigo6--Glad to have helped.  Thanks for telling us about using https://
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to extract and to view the contents of a Microsoft Update Standalone Package (MSU) for Windows Vista, you cannot extract the files from the MSU. Here we are going to explain how to extract those hotfix details without using any third pa…
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
Shows how to create a shortcut to site-search Experts Exchange using Google in the Chrome browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch the Search Engine Menu: In chrome, via you…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question