Go Back   NETGEAR Forums > Enterprise/Business Products > Firewall / VPN Devices > VPN Routers

Reply
 
Thread Tools Display Modes
  #1  
Old September 24th, 2012, 05:35 PM
Augello Augello is offline
Junior Member
NETGEAR Newbie
 
Join Date: Jun 2009
Posts: 31
Augello is on a distinguished road
Default WEB Site key word blocking

SRXN3205 FW 3.0.8-12

client wants facebook and other social media sites blocked at all workstations.

On the LAN menu I find keyword blocking; however it appears to be based on Groups of computers and to block a computer I have to know it's IP address (easy enough) and the MAC address (hard enough). Why can't I just block a keyword from all comuters?

The router I'm managing is 50 miles away; To retreive the MAC address of every workstation in the building means I have to drive to the office location and go to each computer and display the NIC properties for each workstation to retrieve the MAC address.

There has to be an easier way to block Facebook.
Reply With Quote
  #2  
Old September 24th, 2012, 06:34 PM
adit's Avatar
adit adit is offline
Moderator
NETGEAR Fanatic
 
Join Date: Nov 2006
Location: USA
Posts: 5,235
adit is on a distinguished road
Default Re: WEB Site key word blocking

You need a UTM router. You won't be able to block facebook with just a keyword.

Other option is to use OpenDNS, but this is not foolproof.
__________________
.
Forum Rules - Post Screenshots on ImageShack for Free - Firmware Upgrade Procedure
.
Online Subnet Calculator - LAN Subnets NOT to Use - SA Lifetime Guidelines - Hex/IP Converter
.
Free Netgear Support Online Trouble Ticket Submissions 1-888-NETGEAR 4,3 Netgear Knowledge Base
.
VPN Router Support, Interface Demos,and Marketing Pages:
.
SRX5308 S M - FVS336G S I I M - FVS318G S M - FVS318N S M - FVS338 S I I M - SRXN3205 S M -
VPNG01/5L S M - FVS318 S I I M - DGFV338B S I M - FVG318 S I I M - SSL312 S I M - FVX538 S I I
.
FVS114 - FVS124G - FVS328 - FVL328 - FWG114P - GPL Firmware Code - MyOpenRouter - VPNC Docs
.
Click Here for my VPN Client and Mode Config VPN Client Tutorials
.
ProSecure STM/UTM Appliance User Forum - Prosecure Marketing Website
.
.
Good Luck...ADIT

FYI - I am a Reseller and not employed by Netgear
Reply With Quote
  #3  
Old September 25th, 2012, 06:06 AM
Jupp Jupp is offline
Junior Member
NETGEAR Newbie
 
Join Date: Feb 2007
Posts: 23
Jupp is on a distinguished road
Default Re: WEB Site key word blocking

If you have not configured the "LAN Groups", every workstation in the client's local network is in "Group1". So, if you enable the keyword blocking for this particular group and pick the proper keywords, you'll achieve precisely what your client wants with a few clicks.

I'm assuming the SRX3205 firmware works like the FVX538 and SRX5308 firmware though.
Reply With Quote
  #4  
Old September 25th, 2012, 07:03 AM
jmizoguchi's Avatar
jmizoguchi jmizoguchi is offline
Senior Member
NETGEAR Fanatic
 
Join Date: Feb 2007
Location: Kentucky, USA
Posts: 94,015
jmizoguchi is on a distinguished road
Default Re: WEB Site key word blocking

Too much hassle. UTM will fix the issues with blocking white/black list at ease
__________________
VPN Case Study (www.vpncasestudy.com)
Our Second To None VPN Related Setup Case Study
"One Stop Solution To Your Netgear VPN Connectivity"
*Visit the site for Non-VPN related Doc & Links* [Windows & Mac user/support]

Most Other Useful Docs -"General Technical Documentation", "Router Reset", "Router Setup", "Print Server Tips", "Remote Admin"
"Wireless Tips"


Forum Policy

June Mizoguchi-i....@vpncasestudy.com
Reply With Quote
  #5  
Old September 26th, 2012, 05:05 AM
Daedalus01's Avatar
Daedalus01 Daedalus01 is offline
Senior Member
Advanced NETGEAR Expert
 
Join Date: Nov 2008
Location: Dallas Texas
Posts: 627
Daedalus01 is on a distinguished road
Default Re: WEB Site key word blocking

Quote:
Originally Posted by jmizoguchi View Post
Too much hassle. UTM will fix the issues with blocking white/black list at ease

Not only that, but some of the smarter ones will know that if they go to a proxy site, that they can still go to facebook and social media sites. a UTM can block proxy sites as well.
Reply With Quote
  #6  
Old September 26th, 2012, 07:38 AM
jmizoguchi's Avatar
jmizoguchi jmizoguchi is offline
Senior Member
NETGEAR Fanatic
 
Join Date: Feb 2007
Location: Kentucky, USA
Posts: 94,015
jmizoguchi is on a distinguished road
Default Re: WEB Site key word blocking

Application security do not have specific to proxy blockage.

I think people who really need to control the network should be on client/domain or make each workstation as non admin account for small business and control.
__________________
VPN Case Study (www.vpncasestudy.com)
Our Second To None VPN Related Setup Case Study
"One Stop Solution To Your Netgear VPN Connectivity"
*Visit the site for Non-VPN related Doc & Links* [Windows & Mac user/support]

Most Other Useful Docs -"General Technical Documentation", "Router Reset", "Router Setup", "Print Server Tips", "Remote Admin"
"Wireless Tips"


Forum Policy

June Mizoguchi-i....@vpncasestudy.com
Reply With Quote
  #7  
Old September 26th, 2012, 11:31 AM
Daedalus01's Avatar
Daedalus01 Daedalus01 is offline
Senior Member
Advanced NETGEAR Expert
 
Join Date: Nov 2008
Location: Dallas Texas
Posts: 627
Daedalus01 is on a distinguished road
Default Re: WEB Site key word blocking

Quote:
Originally Posted by jmizoguchi View Post
Application security do not have specific to proxy blockage.

I think people who really need to control the network should be on client/domain or make each workstation as non admin account for small business and control.
My point was, and from known experience, that if people find out they are blocked from certain things, they will try to circumvent the security in place to get around it and do what they want to do. At a company I used to work for, someone was going to gaming sites. We blocked access to the gaming sites, but then they figured out that if they go to a proxy site, they can get around the block we had in place. So we added proxy sites to our blocking list. Overall point, UTM devices regardless of who makes them, are a great investment for the workplace to lock things down.
Reply With Quote
  #8  
Old September 26th, 2012, 11:47 AM
jmizoguchi's Avatar
jmizoguchi jmizoguchi is offline
Senior Member
NETGEAR Fanatic
 
Join Date: Feb 2007
Location: Kentucky, USA
Posts: 94,015
jmizoguchi is on a distinguished road
Default Re: WEB Site key word blocking

Quote:
then they figured out that if they go to a proxy site, they can get around the block we had in place. So we added proxy sites to our blocking list.
If you have AD server and supplement with third party AD policy software you can block specific while keeping some of the domain account restriction easier while user can use as mostly full unrestricted workstation but you block such as proxy setting to be restricted.

Having one single box to do all sometime are not the best way to be.
__________________
VPN Case Study (www.vpncasestudy.com)
Our Second To None VPN Related Setup Case Study
"One Stop Solution To Your Netgear VPN Connectivity"
*Visit the site for Non-VPN related Doc & Links* [Windows & Mac user/support]

Most Other Useful Docs -"General Technical Documentation", "Router Reset", "Router Setup", "Print Server Tips", "Remote Admin"
"Wireless Tips"


Forum Policy

June Mizoguchi-i....@vpncasestudy.com
Reply With Quote
  #9  
Old September 27th, 2012, 08:59 AM
Daedalus01's Avatar
Daedalus01 Daedalus01 is offline
Senior Member
Advanced NETGEAR Expert
 
Join Date: Nov 2008
Location: Dallas Texas
Posts: 627
Daedalus01 is on a distinguished road
Default Re: WEB Site key word blocking

Quote:
Originally Posted by jmizoguchi View Post
Having one single box to do all sometime are not the best way to be.

That was at my old job. That is also the reason why I have 25 servers and I'm going to be buying a few more.
Reply With Quote
  #10  
Old September 27th, 2012, 09:13 AM
jmizoguchi's Avatar
jmizoguchi jmizoguchi is offline
Senior Member
NETGEAR Fanatic
 
Join Date: Feb 2007
Location: Kentucky, USA
Posts: 94,015
jmizoguchi is on a distinguished road
Default Re: WEB Site key word blocking

lol... tons of way of setting up so you know there will be so many ways IT team will go through...

__________________
VPN Case Study (www.vpncasestudy.com)
Our Second To None VPN Related Setup Case Study
"One Stop Solution To Your Netgear VPN Connectivity"
*Visit the site for Non-VPN related Doc & Links* [Windows & Mac user/support]

Most Other Useful Docs -"General Technical Documentation", "Router Reset", "Router Setup", "Print Server Tips", "Remote Admin"
"Wireless Tips"


Forum Policy

June Mizoguchi-i....@vpncasestudy.com
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



All times are GMT -8. The time now is 02:06 PM.