[SOLVED] Blocking Multiple Tablets Internet Access?

Status
Not open for further replies.

SunWers101

Reputable
Jul 2, 2020
4
1
4,515
Hi Everyone,

How would you block internet access to multiple Android devices? Our company just purchased software for production and our IT guy says our tablet are blocked from web access and cannot download gaming apps. I noticed this week, this is not true... I was able to open a YouTube channel to watch a video and I was also able to download a game app with no problem. So, I'm thinking internet access is not blocked as it should be. He said he blocked tablets by IP address. What options do we have for blocking internet access? I'm thinking a couple options would be to block tablets in the router's setting by MAC addresses, but we would have over 1000 tablets to do this with. I also know there is a software for managing multiple devices. But I'm not sure after purchasing this production software if purchasing a MDM would be an option. What would your suggestion be for blocking internet access to block game app downloads and web searching?

Thanks,
Susan
 
Solution
Well, a competent IT 'guy' would have set up a "deny all" rule on the firewall with exceptions as needed instead of the mess that exists. Another approach is to configure without a default gateway on all machines to be denied internet access, this will limit access to only the local network.

SunWers101

Reputable
Jul 2, 2020
4
1
4,515
If you have 1000 tablets, and they are not managed centally, you have much bigger problem than a guy watching YouTube. And one of the problems is the purchasing manager approving 1000 off-the-shelf tablets.

Hi Alabalcho, above you said "if they were not managed centrally" did you mean by a mobile device management software? I'm not in the IT department but I'm thinking he is managing these through a router... I am the person who is helping to setup the the production software at each branch and then I train the operators how to use it. When the tablets were purchased it was stressed that these would not get internet access because of the chance that they could get hacked or infected by a virus. I stressed in the beginning that we needed a MDM but our IT guy did not see the need for one. Now I've noticed that these tablets do have internet access. I'm just trying to help... would you have any suggestions about what needs to be done? The tablets we have are Acer Iconia 8, the production software has been installed on a network drive, and they recently went over to using virtualization.

Thanks, any help or suggestions would be greatly appreciated.

Susan
 
Well, a competent IT 'guy' would have set up a "deny all" rule on the firewall with exceptions as needed instead of the mess that exists. Another approach is to configure without a default gateway on all machines to be denied internet access, this will limit access to only the local network.
 
Solution

SunWers101

Reputable
Jul 2, 2020
4
1
4,515
Thanks ex_bubblehead, This was what I was thinking should be done. When I was able to get internet access, I knew something wasn't right. I graduated a little over 10 years ago with an IT degree but I was hired in for cad design and other cad related jobs. So once this project come along I was ask to join in because of my background. It's been so long since I studied information technologies so I'm just trying to get caught back up. I haven't actually worked in the IT department, but I interned for my last semester in college. I'm excited and looking forward to this new journey.

This production software has been installed on a network drive and the tablets has WiFi connection that is dedicated just for them. Windows Server 2012 is the Server OS being used. So I was thinking that a "deny all" rule needed to be setup with exceptions to the IP address that the software is reached by... or since the IP address is within the network will that exception need to be added? If I'm remembering right, this is done through "Windows Firewall with Advanced Security"?

The IT guy's boss is also my boss... so before I brought this requested information back to my boss, I wanted to make sure I have my facts right.

Thanks,
Susan
 
Last edited:

SunWers101

Reputable
Jul 2, 2020
4
1
4,515
Managing a network of 1,000 devices is a dedicated full time position. Probably 2 people.
If the current IT guy can't do it, hire someone else.

Yes, I agree and I think this is in the works (hiring a second person) but I don't think he realizes (or doesn't care) how important security is for all these devices. I also thought the best option would have been to purchase an MDM for device management. But he voted this out as soon as it was mentioned.
 
Last edited:
  • Like
Reactions: Carrierbid
Status
Not open for further replies.