Whilst moving some group policies to local policies, an issue came up that we could no longer filter web traffic as the devices were changing network and were no longer going through our traditional proxy. With this setup only having a handful, at most, computers it wasn’t cost effective to purchase another web filtering product. The best solution for us was to use Content Advisor which is built into Windows to block specific websites. This is how i set up the policies.
Before being able to start listing the URL’s, Content Advisor had to be enabled through the local policy.
- Windows Key + R and typing in MMC
- This brought up the management snapin console
- File > Add/Remove Snapin allows for the local policy snapin to be loaded to be edited
- Add the group policy object snapin in and ensure the local computer object has been selected
- Navigate to the following User Configuration > Admin Templates > Windows Components > internet Explorer > Internet Control Panel > Content Page
- Enable the ‘Show Content Advisor on Internet Options’ setting
- Save and close
- Log onto the machine as a local admin
- Use the run command again (Windows Key + R)
- Type in the run box inetcpl.cpl and change to the Content tab
- Enable Content Advisor. You should be prompted to set a password to access the settings
- The ‘Ratings’ tab is used to categorize URL’s. The ‘Approved Sites’ is to allow or deny specific URL’s whilst the ‘General’ and ‘Advanced’ provide additional settings to enhance coverage.
- If a website has been added to the ‘Approved Sites’ tab as denied it was prompt the user that the page can not be reached and a password will be needed to allow temp access.
Please note: The method above will enforce on all users that log into that machine.