Re: Internet Access Restriction using Group Policy - Anyone know how?
From: Karl Levinson, mvp (levinson_k_at_despammed.com)
Date: 12/31/04
- Next message: awib: "Enabling a Certificate template"
- Previous message: Karl Levinson, mvp: "Re: Internet Content Advisor"
- In reply to: BobRosas: "Internet Access Restriction using Group Policy - Anyone know how?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 31 Dec 2004 07:44:32 -0500
"BobRosas" <BobRosas@discussions.microsoft.com> wrote in message
news:71D563C2-9491-4F24-802B-1DF74EDAB34E@microsoft.com...
> I want to restrict internet access through a GPO. Can this be done?
I feel this is much better done first via a router, firewall or a proxy
server, preferably one that can do per-user authentication. I believe
www.netscreen.com has relatively inexpensive firewalls starting around $550
US, or cheaper on ebay, that can do this. Once you've done that, if you
want to use some method to cripple Internet access via GP, that might not be
such a bad idea in addition to using your firewall. One problem is that
your GP does nothing for computers that are not in the domain, such as a
laptop that enters your environment.
Additionally, if your network is all on one subnet, you could possibly
configure your DHCP server using reservations to not give out a default
gateway IP address to certain MAC addresses. This doesn't do anything for
people that put in a static IP address, or people that switch network cards
or choose to spoof their MAC address.
regards,
Karl Levinson, MS MVP, CISSP
Microsoft Security FAQ:
http://securityadmin.info
- Next message: awib: "Enabling a Certificate template"
- Previous message: Karl Levinson, mvp: "Re: Internet Content Advisor"
- In reply to: BobRosas: "Internet Access Restriction using Group Policy - Anyone know how?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
