10

I have been tasked with building several PCs to act as secure kiosks that allow users to view and use an intranet site at my company.

  • Our LP staff will cover physical security, so that is not a concern.
  • To prevent booting from a USB drive or walking with the HDD, I will be encrypting with BitLocker.

What I am having trouble with is deciding on a method to lock down Windows 7 in such a way that the only thing a user has access to is a browser (in this case, IE9) and limit the browser to specific URLs (or domains).

I have considered doing this through Group Policy, but it seems there would be a substantial amount of research, development, and testing involved to get it right. With that said, does anyone know of a free or inexpensive piece of software that can accomplish this? Any recommendations would be appreciated.

bad_coder
  • 649
Chck
  • 371

4 Answers4

4

Group Policy is how either you or a piece of software will need to get this done. Linked is 2 documents; Creating a Steady State by Using Microsoft Technologies and Group Policy Settings for Creating a Steady State showing/explaining how to configure per user or machine to lock down the options you desire.

argentwolf
  • 694
3

There are plenty of kiosk software available to do this, I have used and can recommend SiteKiosk although I can't say if it is better or worse than others.

Many of the different vendors offer Free Trials, so check a few out

There also is OpenKiosk, an Open Source alternative.

Another real good choice appears to Webconverger which claims to be a Browser Only Operating System. In practice it appears to be a micro-linux, and I am not sure what customization is available.

Austin T French
  • 10,696
2

I googled lock down kiosk windows 7 and found these softwares. Seems legit and pretty solid.

Internet Kiosk Pro (http://www.emailarms.com/products/internet_kiosk.html)

Advanced Internet Kiosk (http://www.softstack.com/advink.html)

Secure Lockdown (http://shop.inteset.com/Products/21-lock-down-windows-7-and-run-internet-explorer-as-a-customized-kiosk-application.aspx)

Sitekiosk (http://www.sitekiosk.com/SiteKiosk/Default.aspx)

Or as Dark mentioned in the comments, there is a built in Kiosk mode into WIndows 8.1. If you can put this project on hold until the official release, this may give you the functionality that you're wanting without having to purchase third-party software.

enter image description here

Of course, if you can move away from Windows for the kiosk, you can use an open source alternative.

http://webconverger.com/

kobaltz
  • 14,896
0

Can't recommend WINSelect Enough. Worth the money easily.

Kevin Panko
  • 7,466
MDT Guy
  • 3,727