Web Content monitor

Chimay

Limp Gawd
Joined
May 6, 2007
Messages
415
Does anyone know of any free solution you can place just before our firewall in an office that would monitor all traffic? I'm looking for something that would basically monitor what users in the office are doing with a connection into AD / DNS to resolve the IP to a machine name or username.
 

firedrow

Limp Gawd
Joined
Oct 11, 2013
Messages
161
You can setup Untangle as a transparent bridge to do this. Just need a workstation or server with 2 NICs.
 

plupien79

Limp Gawd
Joined
May 7, 2013
Messages
238
Untangle will indeed do this. However... The free version doesn't support Active Directory.
 

k1pp3r

[H]F Junkie
Joined
Jun 16, 2004
Messages
8,275
Also in my experience with untangle, even with standard paid version, it doesn't do a good job of logging what sites a person visits in a readable way. Their logs are a pain in the butt to go through.
 

Chimay

Limp Gawd
Joined
May 6, 2007
Messages
415
Thanks for the recommendation on Untangle. I'll take a look at it. Does anyone have any suggestions on a paid product that they use in their organization that does basically the same thing well?
 

Nicklebon

Gawd
Joined
May 22, 2006
Messages
845
Many firewalls will do this if configured to do so. What firewall is your office using?
 

Chimay

Limp Gawd
Joined
May 6, 2007
Messages
415
Many firewalls will do this if configured to do so. What firewall is your office using?

Its a small office and we're using Cisco 5505 ASA. I know we need to upgrade the firmware but I haven't seen much for this specific web content monitoring in it. I've heard of bluecoat but it looked fairly expensive and I've read mixed reviews on it via forums. Does anyone use bluecoat actively that could provide input on it?
 

Nicklebon

Gawd
Joined
May 22, 2006
Messages
845
The asa is by far my weakest platform and has what I consider to be the worst logging features in the industry. That said, I think you can at least get url logging with client IP by using http inspection.

Personally I'd dump the asa in favour of a Fortinet, Check Point or Juniper box asap. IMHO they each offer a richer set of features. better logging and reporting options, better performance, plus tighter AD integration.
 

Nate7311

2[H]4U
Joined
Jan 11, 2001
Messages
3,320
Fortinet would be a great solution. Reasonable cost of entry and great support too!!
 

bracut80

n00b
Joined
Mar 30, 2010
Messages
26
we were running websense web security for the last 3 years until this year when i upgraded firewalls from watchguard to Fortinet. The fortinet handles web filtering with no issues and since it is a UTM, that module comes with it and can be turned off or on. it saved us quite a bit of money not having to renew websense.
 

MrGuvernment

Fully [H]
Joined
Aug 3, 2004
Messages
20,671
Also in my experience with untangle, even with standard paid version, it doesn't do a good job of logging what sites a person visits in a readable way. Their logs are a pain in the butt to go through.

When was the last time you used it?

it shows everything fine for me well laid out, in the Reports module you see the system or user, check by site sizes, block, visited..

live logs show the same thing...

we have the untangle premium here paid for, $1200 a year i think and i get every bit of info every single person on my network does.. as well as a full UTM.

try it out, you can get the full premium trial for 14 days...

But i would say run untangle in Router mode, toss it on a server dual core or quad, and 4-8Gig of memory and watch it run!
 

sinisterDei

[H]ard|Gawd
Joined
Dec 1, 2004
Messages
1,523
How big of an environment (number of users) are you looking for?

At the small end, we've had better customer satisfaction with control & filtering options than with reporting.
 
Top