I'm what could be called the junior network administrator at a company of 100+, and I would like to remove the ability of a few of our employees to access YouTube. I have full network access and administrative account access on all computers involved. Any suggestions?
What kind of network hardware are you working with? Routers, firewalls, switches etc? Are the people in question using company workstations (i.e. unchanging MAC address)?
Krikee on
Psychotic One (The Lord of No Pants; Parts Unknown; Registered User, regular)
edited December 2008
If your routing system lets you change the DNS entries you could always change youtube.com to redirect to a page stating that the site they are attempting to access has been blocked by IT etc etc.
If you have a proxy, the best idea? Whitelist. Second best idea? Black list.
Most proxies will have some easy block list or allow list for you to enter stuff into. A whitelist is basically something you use to limit access only to sites you have verified and entered, a blacklist is stuff that you have banned. The problem with a blacklist is it only displaces users' attention away from one site on to another, so if it's an idle time issue or bandwidth issue these tactics aren't much help. Whitelist will have the most complaints but is the most effective time management tool available.
Also I would recommend thinking this one out. The Devil you know is better than the devil you don't.
Okay edit: I missed the few users part..... I recommend this route even less. First make sure HR is okay with it, second even if they are ok I recommend this even less. This is why the few ruin stuff for the many, horrible messes are made by being selective with users about misuse. As the Junior admin, have someone else do this or make sure you have your butt covered because most of this stuff comes back and bites the flip switcher in the ass.
Not sure how you can do this unless your firewall allows you to limit access by user group.
The HOSTS file edit's not a bad idea to defeat non-savvy users, though you'll also have to do the same for URLs to web anonymizers.
Also this can get political real fast unless you can say "well management told me to block you from visiting those sites," unless you blanket deny everyone to those sites.
The particular computer I'm trying to block it on goes DSL > Router > Switch > Hub.
We're working on our network infrastructure at the moment so we have a bit of cascading while we work on the wiring.
Would it be possible to give these certain people a warning first, before completely cutting them off? Imply that if they don't cut way down on their YouTube usage, they or everyone will be cut off.
When you remove Flash, the first thing any user is going to do is click the "download flash" button. Unless that PC is restricted. For a per-computer use hosts file I say. The user account can be limited to its access to the system folder. I suppose it could work with Flash as well and just have that user's account not be allowed to install stuff.
rfalias on
amateurhour (One day I'll be professionalhour; The woods somewhere in Tennessee; Registered User, regular)
We use WebSense to block access to sites deemed inappropriate through our proxy.
This. It's the best thing out there. Only web proxies or a nearby open Wi-Fi network are going to bypass it, and most proxies are blocked, and you can disable Wi-Fi in the admin settings on any laptops.
Also, I don't know how long you've been an admin, but a little advice, it's best to block something across the board, and not just for a few users. It looks better as a company policy than it does as a punishment for lazy workers.
I was looking more for the brand of hardware you had, i.e. Juniper, Cisco, Foundry (hey there richie!) etc. I would just set up a rule to limit the bandwidth to YouTube to 1 mB/s for the entire company or some other small ratio of your total bandwidth but, as earlier stated, this just means they'll shift their interests to other sites. Corporate grade proxies seem to be the best route for this.
Have HR discipline these users for their performance (because I assume this is why only some users are being considered), rather than be non-confrontational and create a legal mess by singling out certain users or pissing off everybody by disabling a site across the board. It's this type of thinking that is going to keep your company much like mine from ever hitting its dreams.
What type of environment are you running? Windows and Active Directory? How many systems? What kind of router/firewall? Trying to block for everyone or just a specific user?
1. Administrative solution first, ideally. If you are just blocking one site and you don't want to do anything drastic it is hard to manage if someone is determined. What you can do is have HR put their foot down, then monitor the station and see if someone goes over the line.
1. Set up a proxy server, block it at that point.
2. If you have your own DNS, you could do that.
3. You can use rules (local or domain) to totally block a PC from the net.
4. You could add YouTube to the blocked sites on the local machine (if your users are not savvy or you think they won't try to get around a block that is easiest)
5. If your firewall will work with something like WebSense, use that. Or blacklist it if your firewall can do that.
6. Install software to the specific machine to blacklist something. A product like Work Examiner (cheap and easy, plus free trial) or Spectorsoft CNE (fancy and more costly) can do this for one or many machines.
Really there are a hundred options. But if you have savvy users who will break easy stuff, no HR dept and no willingness to implement a company-wide solution I would say purchase Work Examiner for $40 bucks, put it on the system, block the site and use it to see if they abuse their internet access in another way.
But really, try to get HR involved before you turn your company into a totalitarian regime. Once you do this stuff, it can be a slippery slope and before you know it your culture has gone to hell and everyone hates coming to work in the morning. Plus, trust me when I say it sucks to turn someone in for this stuff, anything you can do to make HR the bad guys is a good thing.
I know exactly what you are going through, I am an admin at a 150 person company, and we have been forced to deal with the same crap in the past. This is an awkward company size, because it is hard to justify the cost and disruption of enterprise level services, but you really need more capability than a small shop. Good luck, let us know what you end up doing!
Do you use Active Directory w/ Group Policy?
You can make a lot of changes via group policy for this. I haven't tried it myself, but you could try setting the following setting to disabled - User Configuration -> Administrative Templates -> Windows Components -> Internet Explorer -> Administrator Approved Controls -> Shockwave Flash
Of course, there are other things too. You can set restricted sites up and add YouTube and/or Content ratings all with GPOs.
embrik on
I'll probably do this, the computer is used for Outlook and a DOS-based lab management program, Flash is NOT needed.
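An added example (not code from any poster in the thread) comparing the HOSTS-file, blacklist and whitelist approaches discussed above by showing which hostnames each one lets through. All hostnames, list contents and function names are assumptions made up for the illustration.

```python
# Added example: the three blocking approaches from the thread, side by side.
# Every hostname and list entry below is constructed sample data.

def normalize(host):
    """Lower-case and drop a trailing dot so 'YouTube.com.' == 'youtube.com'."""
    return host.strip().lower().rstrip(".")

def suffix_match(host, domains):
    """True if host is a listed domain or a subdomain of one (label-aligned)."""
    host = normalize(host)
    return any(host == d or host.endswith("." + d) for d in domains)

def hosts_file_allows(host, entries):
    """A HOSTS file matches exact names only; there is no wildcard syntax."""
    return normalize(host) not in entries

def blacklist_allows(host, blocked):
    """Proxy blacklist: everything passes except listed domains."""
    return not suffix_match(host, blocked)

def whitelist_allows(host, allowed):
    """Proxy whitelist: nothing passes except listed domains."""
    return suffix_match(host, allowed)

HOSTS_ENTRIES = {"youtube.com", "www.youtube.com"}   # names sent to a sinkhole
BLACKLIST = {"youtube.com"}
WHITELIST = {"mail.example.com", "labvendor.example"}  # hypothetical work sites

REQUESTS = [
    "www.youtube.com",
    "M.YouTube.com.",        # subdomain with no HOSTS entry of its own
    "notyoutube.com",        # must not match the youtube.com suffix
    "anonymizer.example",    # stand-in for a web anonymizer
    "mail.example.com",
]

def evaluate(requests):
    """Map each host to (hosts_file, blacklist, whitelist) allow decisions."""
    return {
        normalize(h): (
            hosts_file_allows(h, HOSTS_ENTRIES),
            blacklist_allows(h, BLACKLIST),
            whitelist_allows(h, WHITELIST),
        )
        for h in requests
    }

if __name__ == "__main__":
    for host, verdict in evaluate(REQUESTS).items():
        print(f"{host:22} hosts={verdict[0]} blacklist={verdict[1]} whitelist={verdict[2]}")
```

The output shows the gaps each post warns about: the HOSTS file misses unlisted subdomains, the blacklist misses the anonymizer, and only the whitelist denies by default.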