Solved

Reporting who uses IM most

Posted on 2006-11-02
11
148 Views
Last Modified: 2010-04-11
I administer a small corp network (10 users).  Some employees are using IM products to chat and over-using certain websites.  While the company would like to block the services, i feel that this will just lead to more side uses of the internet and cause some disrupt to the fairly laid back approach to the company.  Some of these are also used to do business.  

Instead, I wish to inform the users of just how much time they spend using these services per month.  Perhaps a small reward will be give to the person who uses it the least.

From other posts I have been told that ISA 2004, which came with the Small business server 2003 would be a good idea.  I have it running and have looked a bit at the reports section but can't seem to make reports that will show me application usage by user.  Can someone explain to me how to do this?  Do I need the CLient Firewall to do this?

0
Comment
Question by:colin911
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +2
11 Comments
 
LVL 17

Expert Comment

by:CSecurity
ID: 17862135
This software will be useful for you:
http://www.pearlsw.com/products/imEcho/index.html
0
 
LVL 17

Expert Comment

by:CSecurity
ID: 17862156
0
 

Author Comment

by:colin911
ID: 17862242
Yeah, but can't I do this with ISA?
0
Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

 
LVL 17

Expert Comment

by:CSecurity
ID: 17862254
Not easily... It's abit hard to do it with such software... You need to detect IM softwares, their ports and their servers... Then maybe you can! For example Yahoo! Messenger uses port 5050 (just one of ports it uses)

But that kind of softwares specilized for this kind of stuff
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 17863968
While it's possible you can track this info, and even block the service as you know it, those users can be resourceful, and use proxies, or quite simply the web versions of the IM clients... http://www.aim.com/aimexpress.adp?aolp=0  http://webmessenger.msn.com/
http://www.iloveim.com/ http://wwwm.meebo.com/ (I think yahoo 360 has a web client too... http://360.yahoo.com/login.html )

There are also lots of IM sniffers out there that will likely be able to produce the metric you desire
http://www.imdetect.com/
http://www.topshareware.com/IMArchive-download-6066.htm

With so few people there think that perhaps you'd be better off monitoring the entire pc's BW, and asking users who may be utilizing too much BW to stop or cut back on anything non-work related. It helps to have Acceptable Use and other policies in place as well: http://www.sans.org/resources/policies/
Ntop can do this with ease, as can Cacti (Cacti.net) You just need to setup a spanned aka port mirror for Ntop to sniff... cacti uses SNMP to get it's info, Ntop is far more detailed http://www.openxtra.co.uk/freestuff/ntop-xtra.php
-rich
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 17865296
I agree with Rich on this one - if you try and block or restrict IM access, users will only find another way.
If you incentivise the 'least user' of IM, then users would just find other ways to chat to 'win' the monthly prize!
IM, email, web surfing...  it's all part of life these days, and it's very difficult to discourage their use.
What you should concentrate on is whether or not your staff are doing their jobs properly.  Set realistic targets, expectations, office etiquette policies.  In theory, if they're busy and productive enough, then who cares what they do in their slack time?
The only places where IM should be of concern is if your company is regulated, as in this case you need to make sure confidential/sensitive information cannot be leaked.
0
 
LVL 8

Expert Comment

by:Danny_Larouche
ID: 17869535
Any good corporate firewall will provide such stats. Ask your network administrator
0
 

Author Comment

by:colin911
ID: 17869660
I appreciate all of your comments but the budget cannot pay for other specialized software.  We were under the impression that ISA could do things like this and this is really what I am looking for.  FYI, the best for such reports and buying other software I think will most likely be Spector 360.
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 500 total points
ID: 17869765
Cacti is free, as is Ntop
http://cacti.net/
http://www.ntop.org/overview.html
http://www.microsoft.com/isaserver/partners/reporting.mspx
I think snare can parse the ISA logs, but not sure about trending/metrics... http://www.intersectalliance.com/projects/index.html (mostly free)
-rich
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question