Internet Access Control

The wealth of information offered on the Internet can be a distraction to your users, or even a possible legal liability. In development is a new version of our NAT product that adds control of your Internet Accesses to your management toolkit.

What is Access Control?

Internet Access Control is the ability to restrict access to material, services or even the entire Internet, under the control of the NAT administrator. It gives you the ability to tailor your users' view of the Internet to comply with your guidelines. Abilities in the next version of NAT software will include:

Blocking access to specific sites
Permitting access to specific sites
Limiting access to just email (SMTP and POP3)
Preventing any Internet access
Combinations of the above

In addition, you will be able to group your internal hosts by function, and set different combinations of access rights for each group. You may block your user workstations, while permitting access by your mail relay host and your administrator workstation.

Good Site, Bad Site

When enabled, the NAT Access Control will check the IP Address of the host your user is trying to access, against a list of undesirable sites, and prevent the request from going into the Internet. What your user "sees" depends on the client software, but is usually something like "connection refused by host." The deflected access may be logged for administrator review if desired.

The biggest problem with the Good Site, Bad Site model is the ease with which a site administrator may change the IP Address of the host computer. A server administrator that intends to distribute objectionable information may thwart this protection by continuously changing the IP Address of the server, thereby becoming a "moving target."

Timed Rights

A feature of the new NAT software will be automatic control of access rights based upon time. One mode will permit automatic application of an Access Rights Profile based on the time of day, freeing the administrator of the need to enable or disable the rights of a group by hand. This could be used to allow unlimited "surfing" before and after the normal workday, and possibly at lunch.

The other mode is like a countdown timer. The administrator or designee may enable a certain level of access rights for a group for a specific period. At the end of the period, the rights revert to the normal ones for that group. This is particularly useful for schools, where a teacher might wish to enable full surf abilities for a computer lab while the teacher is there to provide supervision. The timer keeps the teacher from forgetting to disable the lab when the class is over.

This page was last modified on April 19, 1996.

This information is proprietary to Network Safety. Network Safety, WebElite and NetNAT are trademarks of Network Safety. For information on our products and services, please contact our sales department. This page was prepared using WebElite, our professional editor for the Web.