General discussion


Workable lockdown

By rockalah ·
I have almost 100 users who visit websites that are not company sanctioned. Somes sites place data mining software and others spyware that could jeapardize patient data. The users still need to have access to the Internet and all of these sites are known. I have tried the "content advisor" using the password feature. Giving the password out is not an option (except to key personnel). I tried this on as a trial and the first time a user went to do legitamate work, they could not get on the Internet because no one was available to enter the password. What we need is a way to lock out all sites that have not been authorized and allow users to do their work without having to know a password. Plus - we will not purchase additional software to do this webaccess filtering.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Blocking can be done many ways

by gralfus In reply to Workable lockdown

You can use a proxy server, you can block with the outgoing router (default gateway), you can block with a firewall, etc. This way you can use equipment already in place to do the work. (Unless your network really is connected directly to the Internet, in which case I pity your company.)

Since you stated that the sites are known, you can block them with the above methods via name or IP address.

Collapse -

re: Somes sites place data mining software and others spyware that could je

by tharrington In reply to Workable lockdown

We recently purchased a new firewall for our small company. It has the ability to block sites of course. Is there a source for KNOWN sites that cause these issues? I know alot of our users are going to greeting card sites, smiley central and so on ... Any help would be appreciated!

Collapse -

Re: Workable Lockdown

by gario In reply to Workable lockdown

Using a proxy server,etc. is good, but it blocks all users from the Internet or particular sites. In my environment, we have some general purpose workstations that are configured with group logons. Recently we enabled the Content Advisor using templates such *.net, *.com, http://www.*.com, etc to block and put in web sites that are approved. This lets users who need the Internet have access. It's working, but if somebody really wants to circumvent the Advisor, all they have to do is delete a registry setting.

Collapse -

proxy/firewall setup

by Nitrosoft In reply to Workable lockdown

what you really need is a proxy server / firewall setup, you'll want the proxy server to filter the sites that people are aloowde to vist, you've said you don't want to spend any money, so I recomend a proxy server called Privoxy available from and available in both linux and windows distorbutions.

Next you'll want to setup an internal fire wall to ensure that your local network has no direct access to the internet. every thing has to go through the proxy server, this will limit your users access to the internet.

any spyware programs trying to access the internet directly can be identified in the fierwall logs as an unatherised access attempt.

Related Discussions

Related Forums