Yes I would much rather put in a more suitable firewall that has the abilities I need, but there is no budget for other hardware.More often than not, its a cop out to make ITs job easier in the short run.There is very little you can do to a machine that a user with admin rights cannot undo.
Be granular. What, exactly, are you trying to prevent Is it access to the Internet, or access to a web browser (See 1.) More importantly, why do these limitations need to apply to this machine Or is it the users youre worried about Evaluating the business requirements will force management to address some of the glaring issues I already see with the project parameters. Keep asking questions until you get to the root of the issue. You will often find that the surface solution (e.g., Block teh Interwebz) is not what really needs to happen. Windows Server comes with the ability to manage these at the network level. Implementing WSUS wont take long, and handily fixes that problem. See 4. ![]() Is this a workgroup setup, or are you in a Windows domain Workgroups (that is, non-centralized computing) are rarely appropriate for any business with more than a single employee, and breaks down almost entirely once you hit 5 or more users. IT costs money. You need a budget and the freedom to implement the best solution that fits the business requirements. No good will ever come of a non-technical manager attempting to dictate technical solutions. I have also been known to deny everyone execute on iexplore.exe. CEO just wants to block these 2 people with the exceptions needed. Block Internet Access Full Lockout OtherHowever, I would rather have more of a full lockout other than trusted networks and then allow very specific exceptions on the non-trusted network. This little network had a 4 port switch and had NO connection to internet at all. This was all in place before I ever came on to help them out. And they are now on a 1GB Dell PowerConnect Switch which has connection to simple hardware firewall and internet. So now the 2 accounting computers have access to internet where they have not had it in the last 8 years. Lets just stick with the assumption I listed and that is assume we CANNOT or do NOT want to do the following.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |