How do I block my users from accessing all but a few authorized Web sites?

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Network Security Best Practices and Products Ethical hacking and countermeasures: Network penetration testing intro Are you on a domain name system (DNS) blacklist database? Rogue access points: Preventing, detecting and handling best practices Network security threats solved by risk management: John Pironti explains How to evaluate and manage UTM for network security Profiling -- and protecting against -- network problem users: The Internet Novice How does a firewall work? Physical network security key to fighting low-tech threats Why are TCP/IP networks considered unsecured? Troubleshooting networks: Can vendor software self-install firewalls? Network security Where can I find Puneet Mehta's most recent network security advice? How do VPN concentrators and network access servers (NAS) differ? What keeps unauthorized users from accessing my IP address/Internet? Controlling network access by MAC address restriction on wired networks Retrieve network resources and email after installing ISA Server 2004 What network security threat does a QM FSM error pose in IPsec VPNs? How to block porn with ISA-server firewalls Who is responsible for updating network firewalls? How to locate the lost IP address of an access point (AP) What HIPPA-compliant software would you recommend for online medicine?

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary anti-replay protocol  (SearchNetworking.com) dynamic packet filter  (SearchNetworking.com) HELLO packet  (SearchNetworking.com) packet filtering  (SearchNetworking.com) rule base  (SearchNetworking.com) stateful inspection  (SearchNetworking.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

The best solution would be to install a proxy server/firewall software such as MS ISA, KERIO, or WebSense on the server and configure this proxy/Internet filtering software to allow access to specific websites. You will need to point all the clients to use this proxy server for Internet access.

The other option is to create rules in your router configuration. Depending on your router, you can edit the ACL to either deny all outbound internet traffic - port 80, or to allow for specific outbound Internet traffic – port 80. (The sites you need to allow). This needs to be the first rule in the List.

Your other option, if you have fewer users/clients, then you can also configure the Internet explorer's content advisor feature to only allow the specific sites. Once the configuration is done, the administrator can lock down this configuration with a password for restricting further unauthorized changes. But, again this is not a foolproof solution as the users familiar with registry editing can tamper with configuration thereby by-passing the security restriction.

I would suggest you go with the first solution, as it is more secure, reliable and scalable.