A client has asked me to setup Windows 2008 SBS to block and log websites from a list they will provide. As far as I know they only have standard edition which means I cannot use ISA. I was thinking of using squid authenticated against Active Directory.
There is no budge for additional software. Does any one know of a different/better solution using either open source software or software that is available in Windows 2008 SBS?
Thanks
setting up squid to be a transparent proxy + ACL's is your best bet.
ISA doesn't come with the premium version of SBS 2008. You'll need to purchase Windows Essential Business Server 2008.
What about using OpenDNS as your DNS forwarders (and dropping outbound port 53 UDP/TCP so no "power users" can use their own DNS upstream; obviously you'd want to use your firewall's DNS forwarder in your SBS DNS forwarders or add a firewall rule to allow your SBS server to get out on port 53 UDP/TCP).
With OpenDNS, you can create a free account, verify your IP address, and then log in and block as many sites as you want from a preconfigured list (porn, gambling, etc.) and add your own via the Manage individual domains section.
I've been using this with great success for several clients and a few family member's homes as well.
The nice thing about OpenDNS is that if they do all the hardwork about maintaining that list (which will become quickly outdated) by their partnership with a content research organization (can't remember which one).
