Network spying and reporting software..

Posted on 2006-11-08
Last Modified: 2013-12-07
Hi Network Admins..

Does anyone have any ideas about possible software, I can purchase, that will spy on employee PC's, record and report the outcome of web usage, sites visited, time spent on internet and a list of chats or emails, etc.

We have 4 offices locations and use windows 2003 servers (AD, exchange server) and XP pro client machines.

Thank you!

Question by:afoedit
  • 3
  • 2
LVL 39

Accepted Solution

redseatechnologies earned 168 total points
ID: 17901963
Hi afoedit, did a pretty good job for us.

Of course, this was mainly for browsing habits.  For emails and chat, you are going to get sued for invasion of privacy.  Company emails and chat programs would be subject to monitoring, but PERSONAL gmail or such emails and chat programs would get you into all kinds of trouble.

Generally, I make it so that these sites/services cannot be used (block Messenger for going out, deny access to, etc), then the users will have no alternative but to use the company email or messenging client, meaning it will be monitored.

This is quite extreme though, and is a sure fire way to upset your users - assuming that is important :)

Hope that helps,

LVL 16

Assisted Solution

AdamRobinson earned 166 total points
ID: 17901987
Do you by chance have an external firewall?  Most firewalls come with an option to do what you are asking (usually for an extra fee, as in the case of Sonicwall), in a package, as you seem to want.

For chats and e-mails, you could use a packet sniffer, as long as they aren't encrypting their messages.  

For e-mails, you should already have access as the administrator to almost any user's mailbox, especially in a smaller business wherein the IT person usually has all of the user passwords for the company.

You probably shouldn't use the word "spy," though.  It's a legitimate business purpose to be able to determine what you employees are actually doing.

Be aware, you may actually do more harm than good.  A certain amount of leniency has become expected nowadays, especially in a small business.  If you truly want them to stop doing these things, though, rather than "spying" on them, you should just block their ability to do it.  The first step is to take away user administrator rights so they can't install messenging programs and chat clients to begin with.  Push out a hosts file to drop any web queries to online chat places to localhost.  

You could also turn on auditing through whatever functions to pass your requests to DNS to determine what pages are attempted to be viewed.

LVL 16

Expert Comment

ID: 17902010

Where have you seen precedent on personal e-mail / chat longs being an invasion of privacy?  Most of the cases I've seen recently have shown that if a work resource is being used, it is fair game, insofar as you are not logging their passwords and then logging into their mailboxes after the fact.

Are there any specific cases you know of off the top of your head wherein this has been ruled illegal?  

And I agree 100% on the upset user warning.  I try if at all possible to avoid doing anything along these lines to my users, and instead let them know there's a certain amount I'm willing to tolerate without informing the bosses, but after a certain point I have to shut them down entirely (deliberate porn/hate sites/etc. = automatic loss of all resources with their having to go to the higher ups to request is back).   I'm in a smaller organization, but the users seem to be more respectful when you extend them a little bit of trust.  Then again, none of them have administrative rights, so I have a little less to worry about ;)

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

LVL 39

Expert Comment

ID: 17902094
>>Where have you seen precedent on personal e-mail / chat longs being an invasion of privacy?  Most of the cases I've seen recently have shown that if a work resource is being used, it is fair game, insofar as you are not logging their passwords and then logging into their mailboxes after the fact.

That all depends on the country you are in.

Off the top of my head I can remember a very recent case here in Australia where an employee managed to sue for this exact reason.  Using the company internet during their lunch break was deemed to not be a work resource (as it wasn't specified as such in the employment contract).  Therefore, it was invasion of privacy.

Personally, I hate the privacy laws here - our airport baggage handlers smuggle drugs and weapons, yet we can't put video cameras in their areas due to invasion of privacy.  Obviously the unions are on the take as well :)

Of course, I dislike the privacy laws because they mostly work against me - if I had something to hide I would probably love them

LVL 16

Expert Comment

ID: 17903755

:)  Didn't realize you were an Aussie.  Obviously over here in the US things are a tad bit different.  No comment on why that is though. :)

Assisted Solution

mhts earned 166 total points
ID: 17903780
We've installed Spector CNE ( and Pearl Echo*Suite ( at several client sites. We've been happy with both apps (from an installation and initial configuration perspective) and our clients have been happy with both too (for their respective needs and management requirements).

Before you install and implement any blocking or (more importantly) monitoring software, it is very strongly advised that you write and distribute an AUP (Acceptable Use Policy) for Company Resources to all employees that covers each resource that you intend to block and/or monitor. It should apply to all employees (from the top down) - no exceptions. And it is a good idea to get a signature of receipt from each employee who receives the AUP and put that in each employee's file.

As is always the case in these kinds of things, it would also be a wise idea to consult with your business attorney to make sure that your AUP follows all laws and regulations that may apply to your specific business (type) and/or location (city/state).

The sites for both apps referenced above have information about AUPs, and at least one of them has a sample AUP you can use as a starting point.

Hope the information helps.


Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Load balancing is the method of dividing the total amount of work performed by one computer between two or more computers. Its aim is to get more work done in the same amount of time, ensuring that all the users get served faster.
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question