Limit certain internet access at work.

[bigboy529]

Hi all
I'm looking for a way to control social media access on my small office wifi network. I'm using a TP-Link Archer D9 router and will soon get a Huawei B618 LTE modem, but I think I'll only be using the Huawei as a modem and the TP-link for the wifi etc.

I want to be able to block social media access for certain times of the day, for example no Facebook, YouTube etc between 8:00 and 13:00, open it up for lunch time between 13:00 and 14:00, then no access again till 17:00.
A second nice to have option, maybe to also limit the bandwidth to the social media sites while open, so that the users can only do basic things on it during that hour and not have full access to suddenly download HD videos etc.
While at it, a general filter to block out pron or try at least will also be nice, though this type of thing was never really a problem before.

Note that I won't be able to install software on each persons device, so this is something I would have to do on the router side. The TP-Link Archer D9 has bandwidth throttling, parental control and guest network settings, but these look very complicated to use and is probably not that powerful. I for example think you'll be able to set it to block www.facebook.com, but it won't be able to block Facebook access threw a smartphone app, it will only block access threw a browser.

 

[crackersa]

slavery ended. pay for delivery, not time spent at work.

 

[infscrtyrisk]

What exactly is the problem with social media? Is it technical (like bandwidth utilisation), or is it people problems (like poor performance, time wasting), or something else?

 

[syntax]

You have a few options

1. You can setup a free version of a UTM firewall and block that way, I honestly havent used the free versions but they can probably do a decent enough job.
2. You can purchase a UTM firewall (they are surprisingly cheap nowdays) and setup the time based filters and shaping etc.
3. you can use a service like openDNS or Umbrella which doesnt require hardware and you can control a fair what of what you what to do very very easily
4. Use your current device to try do the enforcement

Some considerations:
HTTPS can cause issues, especially on the cheaper implementations
proxy avoidance or tunneling also applies, it can bypass the cheaper implementations
a directory structure like AD would give you greater control over the users and policies and make it easier for you to report and manage

There is more than just controlling access to the sites, you should also be worried about malicious content being browsed or downloaded. Some of the above solutions can also help protect against this, even if your users are out of office with their devices.
Security doesnt have to be an expensive exercise but it should be a consideration, even for small businesses

 

[bigboy529]

What exactly is the problem with social media? Is it technical (like bandwidth utilisation), or is it people problems (like poor performance, time wasting), or something else?

Time wasting, less productive, distraction, procrastination, call it what you want. So no not technical, people problems.

I believe totally blocking it in the office won't do good for morale, plus there are certain people on the marketing team who needs social media access for work so it would be unfare to allow some and not others. But I do believe putting time restrictions in place will help the situation a lot, hense the before and after work plus lunch time.

Clicking on a link and suddenly landing up on Facebook has become so much appart of our daily lives and before you know it, 10 - 15 minuts have past scrolling threw your timeline, so I guess part of this is breaking bad habits as well. Some of us actually had a discussion about this and agreed that it will help everyone to focus more on their work, so it won't be a matter of me putting this in place and everyone hating me for it.