Solved

Only Allow Access to Certain Webpages on a Domain Computer

Posted on 2014-01-14
10
344 Views
Last Modified: 2014-11-12
Hello,
     I currently have a domain machine running Windows 7 Professional on which I want to restrict the use to only using Outlook, a custom DB application, and Google drive. I'm having trouble restricting web use using tools built into Windows. I was going to use a proxy, but since Google drive is HTTPS, I'm having trouble with it. Does anybody have any suggestions?

Thanks!
0
Comment
Question by:indigo6
10 Comments
 
LVL 19

Assisted Solution

by:helpfinder
helpfinder earned 100 total points
ID: 39780481
there is a many ways, as you mentioned proxy, you can use some URL filters (white list) on your router or you can configure some VLAN like this (depends on your skills and network infrastructure)

Simple but not ideal solution how to do this is also use GPO and set IE proxy settings so only listed URLs will be accessible (but this will work only for IE, so you have to uninstall other web browsers if any and also probably it won´t work if somebody put USB stick and uses portable browser - depends how IT experienced users you have :))

Anyway that GPO is like this:
gpo
0
 
LVL 50

Expert Comment

by:jcimarron
ID: 39780748
indigo6--
Use IE's Content Advisor (now called Family Safety).  (Do not be put off by the mention of its use with children.)
IE Tools|Internet Options|Content tab.
http://windows.microsoft.com/en-us/windows/using-content-advisor-block-inappropriate-content#1TC=windows-7  Click the "To Block or Allow Specific Websites" link.

There are third party apps such as K-9 that perform similarly.
http://www1.k9webprotection.com/
0
 
LVL 3

Expert Comment

by:Kyle Green
ID: 39780976
Another route, if you wish, put a PFSense box between the edge of your network and the network itself. You don't even need to use a proxy program but have it check requests and using firewall filters (you could do this with like... 3 rules...) just specify your allowed sites and then at the bottom but a blanket deny all rule. Realize this would also cut off Windows Update. It will however handle the HTTPS because it will be checking the destination address as requested in DNS.
0
 

Author Comment

by:indigo6
ID: 39783973
I'm leaning towards using Content Advisor, but even when I add the entire google domain, it still asks for the password.
0
 
LVL 50

Expert Comment

by:jcimarron
ID: 39784062
indigo6--
Have you rebooted since setting Content Advisor up?

Is this the Content Advisor password being asked for or the IE password?

Are you allowed access to the Google sites when you enter the password?

I am not sure if this is the password to which you refer
http://www.wikihow.com/Remove-Content-Advisor-Password-in-Internet-Explorer
0
 

Author Comment

by:indigo6
ID: 39784273
It is the content advisor password. I am allowed to access the webpage for that browsing session. However, if I close IE and then reopen it, it asks again. But my allow list includes *.google.com, so the entire domain should be allowed.
0
 
LVL 50

Accepted Solution

by:
jcimarron earned 400 total points
ID: 39786019
indigo6--
You should not have to use a password to access allowed sites in Content Advisor.  
I do not know the procedure you used to set Content Advisor up.  Here is a short summary of the MS suggested procedure
http://windows.microsoft.com/en-us/windows/using-content-advisor-block-inappropriate-content#1TC=windows-7

But if that is what you used then here is an alternative method.
http://www.gegeek.com/documents/BAF79EC8E64F7DC911EF68D42485ABF1E8EF0D42.html
0
 

Author Comment

by:indigo6
ID: 39786570
jcimarron, I used the second method, and the problem was that I had to specify the protocol, that is, I had to type https://... in the allowed sites list. Thanks!
0
 

Author Closing Comment

by:indigo6
ID: 39786596
I ended up using the solution by jcimarron, I may use a proxy later, but this is ok for now.
0
 
LVL 50

Expert Comment

by:jcimarron
ID: 39786755
indigo6--Glad to have helped.  Thanks for telling us about using https://
0

Join & Write a Comment

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
This Micro Tutorial will demonstrate using Google Doc how to import live data to another spreadsheet in Google Spreadsheets using the IMPORTRANGE function.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now