Start networking and exchanging professional insights

Register now or log in to join your professional community.

Follow

I have 2 server win windows 2008 R2.

1 for internet and1 is Finance (Domain Server)4 user connected to that finance server and they can access Internet also but how can i block the social media site from domain or internet server with out any Router only need to configure frm system

user-image
Question added by rathesh nair , Group IT Head , Aayush Group of Hospital
Date Posted: 2013/12/14
Mostafa Khamies Dakam
by Mostafa Khamies Dakam , Network Specialist , Libyan Fertilizer Company

I think you need a proxy software to do this, like ISA

Mohammad Waheed Saeed
by Mohammad Waheed Saeed , IT Support Officer , Habib Bank Ltd

Ok, here is the spoiler Godish trick to this.

 

Note:

- Since your users are regular AD Users, they can not change their ip adress or settings already.

 

step1> goto opendns.com

step2> signup for free, get your Internet IP (Public IP) registered there (actually it will automatically pick it up) you just have to click confirm.

 

step3> understand their interface and setup categorized restriction on DNS Requests coming from your public ip for you can find50+ cat there e.g. ( porn, malware, tobacco, weapon, news, classified, games, social )

 

step4> once you are done you go to your DC DNS Management MMC and setup a forwarder there (google it) and forward all your dns queries to208.67.222.222 /208.67.220.220 i.e. open dns servers.

 

once you do this, in minutes your users trying to access social media (or blocked website) will begin to see a BLOCK  page ........ VOILAAAA.

 

simple, clean, easy, tension free and straight forward approcah to your solution.

 

don't make no rules in ISA, don't worry about new sites being introduced. (OpenDNS) does it all.

 

if you still have a question, feel free to ask.

Thank you

Marwan Mohamed Khalil Mohamed Sharara
by Marwan Mohamed Khalil Mohamed Sharara , Senior IT , TabarakHolding

you can create a zone on the dns server named facebook.com or any other social media site you wanna block & all the requests for this sites with return page not found.Also you can install HT Employee Monitor on each device & use to block the websites.

Mustapha ID-BAHAL
by Mustapha ID-BAHAL , Network And System Administrator , Labbaik Group

it is not optimal to deploy windows server only to do web filtering for only4 users, you can do this by using a firewall appliance like pfsense or sophos or m0n0wall....

you can do a lot more wuth these kind of firewall : proxy server, web filtering, dhcp server.......

Note: these appliance doesn't require an OS to be run over it, they are them-self OS, so this windows server will be an extra server for you, maybe using it as a file server

best regard

Jeffer Basilan
by Jeffer Basilan , ICT Systems Administrator , Rezayat IT and Communications Company - Rezayat Group

Reroute the Social Media sites to an IP that's pointing towards itself(Machine Local Home Address). In this case, refer to this example: www.facebook.com should be pointed to.0.0.1. If you have a domain controller, create a dns entry for a particular social media sites and publi9sh it on the network.

Ahmad Abualkishk
by Ahmad Abualkishk , Azure Stack Support Escalation Engineer , Microsof

you need to install TMG server from microsoft then you can block any site you want 

Deleted user
by Deleted user

Hi there, 

The second server must work as a proxy server, that can be done as Mr. Mustafa said by using ISA server or any other servers, then u need to configure the clients to communicate with the internet through that proxy server, this can be done by deploying GPO policies to force the users for that proxy, next u will configure the internet policies for every user / group of users.

 

for my work i used a free linux server like zentyal (ubuntu based linux server) as proxy server, and from the group policy managment consol i forced the specific organizational units to use that server as proxy, next configured the catigory list on the server, u can add a specific links to be filtered or a category like Social, Finance, News .. 

 

hope this will work for you

Many thanks

M.Fota

Asif Khan
by Asif Khan , IT Consultant , Future Focus Info-tech LLC

Block any web site using IPsec MMC and apply it in Domain using Group policy.

Arfath Mohammed.
by Arfath Mohammed. , IT Manager , Hyundai Arabia Company Ltd

select your domain and create a new policy in GPMC Name the policy  no internet and right click no internet and press enforced to check it  and assigned group policy that sal

More Questions Like This