TechRepublic|Forums|IT Employment

IT Employment

General discussion

  • Creator
    Topic
  • March 1, 2005 at 1:46 pm #2176858

    Restrict Internet Access by User

    Locked

    by sferrero · about 17 years, 2 months ago

    Im an IT admin at my organization and i was wondering how i would go about restricting internet access from a certain user on our domain.

    I have one account that i do not want to be able to access the internet.

    Topic is locked This conversation is currently closed to new comments.
  • Creator
    Topic

All Comments

  • Author
    Replies
    • March 1, 2005 at 2:51 pm #3334902

      A number of ways.

      by tbragsda · about 17 years, 2 months ago

      In reply to Restrict Internet Access by User

      .
      You can run a proxy server, or what I would suggest is something like superscout. It will generate reports on usage, sites visited etc, and can block by site types etc.

      There are workstation options, but it makes more sence to do it from a server.

      • August 15, 2007 at 4:49 pm #2619302

        Easy

        by djp81s8 · about 14 years, 9 months ago

        In reply to A number of ways.

        Get his MAC address reserve an IP. Block the IP.

    • March 2, 2005 at 1:07 am #3330364

      use the

      by jaqui · about 17 years, 2 months ago

      In reply to Restrict Internet Access by User

      user account config to remove access to the external gateway for internet access.
      ( requires the server be configured to allow access on a user level for each device / service, rather than the most common of domain level controls )

      netware is good for the user level controls.
      *x is good for user level controls.

      • March 2, 2005 at 9:00 pm #3331644

        Novell Bordermanager.

        by tbragsda · about 17 years, 2 months ago

        In reply to use the

        .
        Ever use it? Was/is great! I dont have use it anymore, but loved it.

    • March 2, 2005 at 12:13 pm #3330140

      Proxy

      by choppit · about 17 years, 2 months ago

      In reply to Restrict Internet Access by User

      If you’re talking about restricting particular users then you’ll need to ensure that user need to log in before accessing the web. As mentioned above,a proxy such as squid will allow you to do this. If you’re trying to block a particular host then things are a little simpler. If the user is not PC savvy I sometimes set the browser proxy to the loopback address. Other times I block outgoing ports for particular hosts at the firewall.

    • March 2, 2005 at 12:54 pm #3330108

      What firewall do you use?

      by jdclyde · about 17 years, 2 months ago

      In reply to Restrict Internet Access by User

      Firewalls can allow and deny what ever you want.

      Just put in a deny from his pc’s IP to the destination. (unless you use DHCP, one of MANY reasons we do NOT use DHCP for our PC’s)

      Could also go to that pc and add that domain to the denyed or put in the hosts file that domain name with the address for an internal website with a note that the page attempted to access is denied due to company policy and the attempt has been logged.

    • March 3, 2005 at 3:03 pm #3330553

      ISA

      by mcseman · about 17 years, 2 months ago

      In reply to Restrict Internet Access by User

      I recommend using another Microsoft product called Internet Security and Acceleration (ISA). ISA will allow several simultaneous configurations including:
      1. restriction by user name
      2. restriction by group
      3. restriction to specific sites
      4. Restriction by time
      and any other combination of the above.
      Here is an example of a configuration I currently use to explain the flexability:
      I have a group of users that have 24/7 unlimited access (admins, directors, etc). I have set up time restrictions for other users to allow everyone unlimited access between the hours of 7-8am, 12-1pm, and 5-6pm. Every user has limited internet access to certain sites such as windowsupdate, antivirus update, corporate web site. ISA is not only the ‘proxy’ server but it is an integrated firewall that plays nice with Active Directory, OWA, and POP servers.
      I hope this helps.

      Erik ‘mcseman’ Pryor

      • January 11, 2007 at 11:30 pm #2504781

        Restricting by User on XP Pro

        by webaccount · about 15 years, 4 months ago

        In reply to ISA

        Hey,

        Is there any way to completely restrict internet access on xp with in the system or using downloads from microsoft.com.

        Are their any relatively inexpensive applications which can do this.

        Thanks,

        Rob

        • March 18, 2008 at 11:19 am #2547294

          global policy

          by wsmith · about 14 years, 2 months ago

          In reply to Restricting by User on XP Pro

          you can do it for free with global policy and have IE refer to a proxy server that does not exist. I have a whole group of users that are not allowed Internet access and can move people in and out of group at will.

        • January 14, 2009 at 12:22 am #2986966

          Global policy

          by don · about 13 years, 4 months ago

          In reply to global policy

          can you give a more detailed description on how to go about this?

  • Author
    Replies
Viewing 4 reply threads