How can I control what ppl use Inet bandwidth for in my LAN?

Discussion in 'Networking & Security' started by Starriol, Jul 11, 2006.

  1. Starriol

    Starriol Limp Gawd

    Messages:
    191
    Joined:
    Jan 3, 2006
    I work at a company where employes abuse of the right to have Internet.

    We are going to implement a file server and router on a brand new, powerfull, Windows 2003 server PC.
    Linux is not an option since I'm no expert.

    My question is, if the PC handles the connections to Internet (working as the router), can I, with some program that works in that PC, asign a maximun of bandwitdh usage, allow only say port 25, 80, BY IP?

    Let's say that John uses Internet to manage his personal website via FTP (some guy here actually DOES that!).
    Can I allow him to use only port 80 and at a certain download maximun (say 2 KBytes /second)?

    Any programs I should get, please list them.

    Thanks a lot :) !!!
     
  2. YeOldeStonecat

    YeOldeStonecat [H]ardForum Junkie

    Messages:
    11,330
    Joined:
    Jul 19, 2004
    If you have not purchased your server yet...and wish to learn a bit more...you can get Small Business Server Premium..and utilize ISA2004 that comes as a component of it. Decent learning curve.
     
  3. Starriol

    Starriol Limp Gawd

    Messages:
    191
    Joined:
    Jan 3, 2006
    "Small Business Server Premium"?? What is that? Soft? Hardware?
     
  4. -(Xyphox)-

    -(Xyphox)- [H]ardness Supreme

    Messages:
    6,518
    Joined:
    Sep 9, 2004
  5. da sponge

    da sponge [H]ard|Gawd

    Messages:
    1,133
    Joined:
    Aug 23, 2001
    ISA doesn't provide any direct method of bandwidth control. You can limit what type of applications can connect out (allow only web browsing & block P2P/FTP completely), but you can't limit what percentage of your total bandwidth it can use up (No reserving bandwidth for internally hosted applications/services). For that you need a packeteer / linux firewall that supports bandwidth control.

    I use ISA and wholeheartedly reccommend it - just know its capabilities & limitations. If you go the ISA route, I also reccommend GFI WebMonitor - it scans/blocks HTTP traffic based on content types/signatures. Prevent users from downloading executables & activex controls. It also scans for viruses/malware.
     
  6. YeOldeStonecat

    YeOldeStonecat [H]ardForum Junkie

    Messages:
    11,330
    Joined:
    Jul 19, 2004
    It doesn't throttle bandwidth "per user"...but it can QoS bandwidth based on application..matter of fact..flat out block certain application traffic..which appears to be what he needs.

    There are a few true bandwidth limiters for windows also..netlimiter being one of them.
     
  7. da sponge

    da sponge [H]ard|Gawd

    Messages:
    1,133
    Joined:
    Aug 23, 2001
    Oh? I thought they pulled all bandwidth prioritization from 2004 (it was there to a limited extent with 2000). I wasn't aware that you could QoS based on application in 2004 - how is it done? Are you talking about the new Diffserv filter for web traffic?