ISA2003-report for bandwith

hello all.
I'm using an ISA 2003 firewall between my LAN and internet. My LAN has around 400 clients. now I have problem: some of users is infected with spyware, and it sends many mails, and use most the bandwith.

Using ISA 2003, how can I detech who is infected with spyware? or saying in other way, who use most my bandwith?

regard
hva.
hva123456Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Keith AlabasterEnterprise ArchitectCommented:
No such thing as ISA 2003 - its isa2000, 2004 or 2006.
If its isa2000 then you can use the bandwidth options and the ISA log files.

If its ISA2004 or ISA2006, the bandwidth control was removed.
Instead, open the ISA gui,
select monitoring - reports
Create and run a report for the required period and this will produce a decent html report of all activity, to where and by whom and from where.
Also, in the gui, select monitoring - logging.
click start query - this starts the live logging (realtime) monitor.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
hva123456Author Commented:
The problem is we cannot have a report on a specific port for each user
0
Keith AlabasterEnterprise ArchitectCommented:
Again, what version of ISA are you actually running? Bandwidth reporting is not provided in isa2004/2006 so is not an isa fault; its a feature :)
There are add-ons/plug-ins that can be purchased to provide that functionality though.


0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

hva123456Author Commented:
I use ISA 2004,. So we dont have the solution at the moment?
0
Keith AlabasterEnterprise ArchitectCommented:
<<If its ISA2004 or ISA2006, the bandwidth control was removed.
Instead, open the ISA gui,
select monitoring - reports
Create and run a report for the required period and this will produce a decent html report of all activity, to where and by whom and from where.
Also, in the gui, select monitoring - logging.
click start query - this starts the live logging (realtime) monitor>>

If you want it more granular then goto the monitoring - logging section.
Edit the Query to use the criteria you want reported against and the time action to cover the period to report against. Select a single user if you wish
open the toolbox window on the right and select copy all to clipboard
Copy this into Excel and you can graph it to your hearts content.

Lastly, the data is all stored in an MSDE database. You can query this directly on the ISA box (ISA's security features will stop you querying the msde from another machine) to pull the info as you want.

As mentioned, ISA does not perform bandwidth loading so it is not a function of the product.


0
Keith AlabasterEnterprise ArchitectCommented:
Thanks :)
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
OS Security

From novice to tech pro — start learning today.