No announcement yet.

Block Internet for Users

  • Filter
  • Time
  • Show
Clear All
new posts

  • Block Internet for Users

    Hello, ive been asked to block internet in a certain company, and allow only pop3 and smtp to be accessed for email. What should be the best solution for that? managed switch ? firewall ? server? the router they have is a normal adsl router.


  • #2
    Re: Block Internet for Users

    You failed to mention the size of the budget for this. Your going to have a very wide range of options which range from hacks and tricks to full blown solutions.

    Here are... off the top of my head from cheapest to most expensive
    block port 80 and 443 on the firewall
    Push down a fake proxy server to internet explorer, that would render the browser unuseable
    Remove external DNS servers and use only an internal DNS server where you only specify the ip addresses to the domains you want
    Run a real proxy server like squid and configure that accordingly
    Depending on the firewall you use, many small office firewalls have built in web filters
    Or go with a corporate solution like SurfControl or Websense to get more granular with what you block
    Daniel Frei
    -Windows Operations Server Administrator
    -Exchange Guru
    -Cisco Fanatic
    -SharePoint Hippie
    -Volkswagen Enthusiast


    • #3
      Re: Block Internet for Users

      Indeed, you need a firewall in place to do this.
      block all ports except DNS, SMTP, and POP3 and you are done.

      Personally I'm a big fan of ISA server, but Check Point or ASA or any other firewall will help you out.

      What do you currently have, how is your gateway security arranged and what is the budget?
      Technical Consultant

      MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
      "No matter how secure, there is always the human factor."

      "Enjoy life today, tomorrow may never come."
      "If you're going through hell, keep going. ~Winston Churchill"