How to block uploading not downloading to file sharing web sites like sendbigfiles.com or dropbox?
Opendns.com was working perfectly in blocking file sharing, file storage web sites & other categories.
Now we want users to be able to download from all these sites but want to restrict them from uploading any of the company data.
Please suggest any solution .. may include a hardware appliance or a software solution.
Total users are less than 50. Internet connection is 8Mbps only.
Only few users like to have unrestricted access to all the sites.
Now we want users to be able to download from all these sites but want to restrict them from uploading any of the company data.
Please suggest any solution .. may include a hardware appliance or a software solution.
Total users are less than 50. Internet connection is 8Mbps only.
Only few users like to have unrestricted access to all the sites.
gplana
I would add a rule and disallow the port that use the upload but just for these sites. This way users will be able to download but not upload to these sites.
ASKER
Is thr any standard port common for all these sites or have to make rule for each site.
Right now we are using : Cisco RVS4000 & RV120W
http://www.cisco.com/c/en/us/products/routers/rvs4000-4-port-gigabit-security-router-vpn/index.html
http://www.cisco.com/c/en/us/products/routers/rv120w-wireless-n-vpn-firewall/index.html
Is this possible with these routers/firewall or do I have to buy some other firewall/UTM?
Right now we are using : Cisco RVS4000 & RV120W
http://www.cisco.com/c/en/us/products/routers/rvs4000-4-port-gigabit-security-router-vpn/index.html
http://www.cisco.com/c/en/us/products/routers/rv120w-wireless-n-vpn-firewall/index.html
Is this possible with these routers/firewall or do I have to buy some other firewall/UTM?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Tx for such an info and the confirmation.
Now we have two options...
1. Select one such site which we can block uploading from lan side and request sender to use that site only.
2. Setup our own internal ftp server.
Now we have two options...
1. Select one such site which we can block uploading from lan side and request sender to use that site only.
2. Setup our own internal ftp server.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Though there is no solution of my requirement, it is important to know that there is no solution exist; so that we may start working on work around.
Experts @Expert exchange brings the confidence that if there is a solution we may get it here.
Experts @Expert exchange brings the confidence that if there is a solution we may get it here.
feel free to post about your requirements ( automagic synchronisation, offline access, version control... or just be able to access personal files ? ) and possible solutions you are working on if you feel we can help.
note that many existing such sites allow HTTP access. in this case most likely files are uploaded using POST or PUT queries while regular browsing and file downloads are available using GET. if you have an HTTP proxy, allowing GET and HEAD queries only for a series of sites is quite trivial. if the site provides a synchronisation tool that does not work over HTTP, you can block the port altogether. but the users will need to use a browser to retrieve files. one problem of this approach, is you'd probably need to monitor the site for changes since they may change policies in the future without warning.
note that many existing such sites allow HTTP access. in this case most likely files are uploaded using POST or PUT queries while regular browsing and file downloads are available using GET. if you have an HTTP proxy, allowing GET and HEAD queries only for a series of sites is quite trivial. if the site provides a synchronisation tool that does not work over HTTP, you can block the port altogether. but the users will need to use a browser to retrieve files. one problem of this approach, is you'd probably need to monitor the site for changes since they may change policies in the future without warning.