G
Gary Richtmeyer
I have a small-business CPA customer with multiple Win XP Home (SP2) PCs
networked together via the usual router/switch configuration to allow file &
print sharing. Until recently, only 1 PC could access the Internet and that
was via dial, but they've "taken the plunge" and ordered DSL.
The owner is absolutely paranoid about security and is convinced that while
a PC is connected to the Internet, people could hack in and steal customer
financial and identity-type info. The longer the time the PC was connected,
the higher the risk. With dial, he felt he could control that by
restricting dial access to a single PC (with no customer data on the PC) and
allowing the dial session to last only as long as absolutely necessary.
Given this mindset, DSL has him real worried. I've explained about
firewalls (both hw & sw) and all the other ways of protection and he's
reluctantly agreed to allow all of his PCs to be able to access the
Internet.
However (and here's the problem), he still wants to limit the time the PC
has Internet access. He wants to have some kind of "switch" that a user
would turn ON or OFF to allow their PC to be able to access the Internet.
In other words, if the user is doing internal office work (which requires
access to other PCs or printers on the LAN), the "Internet switch" should be
OFF to not allow Internet access. When the user needs to do email or access
a web site, they would turn the switch ON, do the online activities, then
turn the switch OFF again. But the PC needs LAN access at all times.
I've tried to explain the folly of his "solution" and that keeping the
switch OFF by default would stop all Windows and anti-virus automatic
updates, but he wants to give it a try.
So does anybody know a technique or program that could do this? Since
turning the switch ON/OFF will happen multiple times per day on each PC, the
solution has to be something simple. I envision having to setup some sort
of BAT file that would issue the appropriate commands to turn the switch ON
or OFF. Just not sure if the "switch" is within TCP/IP, the router, or
what.
I done a lot of Googling and found some solutions for permanent
restrictions, but nothing that can be easily turned off and on. I'm looking
for help!
Gary Richtmeyer
networked together via the usual router/switch configuration to allow file &
print sharing. Until recently, only 1 PC could access the Internet and that
was via dial, but they've "taken the plunge" and ordered DSL.
The owner is absolutely paranoid about security and is convinced that while
a PC is connected to the Internet, people could hack in and steal customer
financial and identity-type info. The longer the time the PC was connected,
the higher the risk. With dial, he felt he could control that by
restricting dial access to a single PC (with no customer data on the PC) and
allowing the dial session to last only as long as absolutely necessary.
Given this mindset, DSL has him real worried. I've explained about
firewalls (both hw & sw) and all the other ways of protection and he's
reluctantly agreed to allow all of his PCs to be able to access the
Internet.
However (and here's the problem), he still wants to limit the time the PC
has Internet access. He wants to have some kind of "switch" that a user
would turn ON or OFF to allow their PC to be able to access the Internet.
In other words, if the user is doing internal office work (which requires
access to other PCs or printers on the LAN), the "Internet switch" should be
OFF to not allow Internet access. When the user needs to do email or access
a web site, they would turn the switch ON, do the online activities, then
turn the switch OFF again. But the PC needs LAN access at all times.
I've tried to explain the folly of his "solution" and that keeping the
switch OFF by default would stop all Windows and anti-virus automatic
updates, but he wants to give it a try.
So does anybody know a technique or program that could do this? Since
turning the switch ON/OFF will happen multiple times per day on each PC, the
solution has to be something simple. I envision having to setup some sort
of BAT file that would issue the appropriate commands to turn the switch ON
or OFF. Just not sure if the "switch" is within TCP/IP, the router, or
what.
I done a lot of Googling and found some solutions for permanent
restrictions, but nothing that can be easily turned off and on. I'm looking
for help!
Gary Richtmeyer