I have an SSG-5 c/w 256 MB set up with this policy set up, with web filtering turned on:
*** from "Trust" to "Untrust" "Any" "Any" "ANY" permit ***
I have 17 workstations and 2 servers behind the firewall and I am trying to determine which one is using all the bandwidth. Currently running about 15 GB up/down combined per month, which is 50% over our plan of 10 GB/month (wireless connection), and is costing us money.
Would it overload the router to log that policy via syslog, and would I be able to get the info I am looking for from the logs? If anyone one knows of a good syslog daemon / reporting combo where the syslog daemon will run on an NT SP6a server (Kiwi doesn't seem to want to), I would appreciate it! I will run the reporter from my XP workstation.