5 Years
Discussion Span
Last Post by migicikinyanjui

If your users have admin rights to install items to their workstations, there's nothing you can do to stop one with some skill from bypassing your websense.

The key here is to remove admin rights from the WS so that they canouldn't install tor, or any other vpn/proxy/tunneling solution in the 1st place.


So, think about how you are blocking access to the Internet. For example, if you are requiring that your browsers simply configure their configuration to point to a proxy, are you still allowing traffic out through your Internet connection from other systems other than the proxy?

To clarify, what I am suggesting is that if you are forcing your users to use a proxy, then at the perimeter firewall, you should block ALL outbound traffic except from your proxy servers. This will force all clients to use the proxy servers to get outbound access.

Then, at the proxy server, you can impose the restrictions required for your users.


TOR does not require the user to have admin rights since no installation is done the users are just placing the tor folder on their desktops. They then start the browser it's portable.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.