Solved

Proxy internal and External

Posted on 2009-04-02
Last Modified: 2013-11-22
Hi all,

We are a large secondary school. We are looking for a solution to monitor internet usage per student.

At the moment all of our internet traffic is routed through an external proxy provided by our local authority. We have access to basic proxy reporting, but not in as much detail as we would like. For example, one of the reports we have is the top 100 sites used by the college for a day. Obviously, if a website is used more often it will appear in the report, but we cannot report on individual usage at any given time!

Ideally, what I would like to set up is an internal proxy that would log all traffic but just pass the traffic through to the external proxy provided for us. I do not need to do any type of filtering, as this is also provided by the existing external proxy.

We do not have administrative control over the external proxy (Squid proxy) to pull out the requested data.

Any help would be gratefully received.
0
Question by:dblight
7 Comments
 
LVL 11

Expert Comment

by:bmatumbura
ID: 24048095
Microsoft ISA server can do this
0
 
LVL 11

Expert Comment

by:bmatumbura
ID: 24048106
You'll have to join your students' workstations to a domain in which the ISA server is also a member. You'd then create usernames and passwords for your students on the domain and ask them to use these whenever they want to log on to the machines. ISA server can then be configured to monitor and report on what each student browses.
0
 

Author Comment

by:dblight
ID: 24048149
Thanks for the replies.

We already have ISA set up for our internal intranet and external website; it is used mainly for the authentication (single sign-on) for all our internal systems.

Can a separate configuration be set that won't interfere with this? Also, approx 200 of our laptops are student laptops that are not connected to the domain, so authentication will be an issue, as the leadership teams will not want students to authenticate again and again.
0
 
LVL 11

Expert Comment

by:bmatumbura
ID: 24048308
0
 
LVL 76

Expert Comment

by:arnold
ID: 24049145
You could set up an internal transparent/chained Squid proxy with NTLM.
The question is: do you want to prompt all non-domain users for credentials prior to letting them access the outside/inside systems?
0
 

Author Comment

by:dblight
ID: 24057972
Hi Arnold,

I was just thinking the same. I'm installing Ubuntu as we speak to test this theory. All I want the "internal" proxy to do is trap the logs so I can parse them before they go out through the external "normal" proxy.

I don't really want any user to be prompted for any authentication, as I want it just to be seamless and normal for them, so they do not know that we are bypassing them to another proxy first.

I do have a question on the reporting side of things, though. Ultimately I want to be able to see where any particular USER has browsed and when, like you said with AD authentication, but again I want it to be seamless so they are not prompted to enter any credentials. I suppose the laptops that are not domain integrated can get away with just bypassing the "internal" proxy and carrying on as normal? Does this sound possible?

Can you point me in the direction of any resources to configure Squid as a transparent proxy and about AD integration? At the moment I'm trawling through http://wiki.squid-cache.org/SquidFaq

0
 
LVL 76

Accepted Solution

by:
arnold earned 250 total points
ID: 24068277
A transparent proxy deals with requests on port 80 being redirected by the router/ISA back to the proxy server, which, based on your settings, will pass the requests to the external proxy.

You could set up the system to check NTLM to detect AD systems, and then let it fall through, which will allow all access through (no deny).
This will let non-AD systems access, but will also let AD systems where the user did not log in to the domain pass through unidentified.

There are many resources on setting up transparent proxy:
http://tldp.org/HOWTO/TransparentProxy.html
http://www.cyberciti.biz/tips/linux-setup-transparent-proxy-squid-howto.html
http://www.deckle.co.za/squid-users-guide/Transparent_Caching/Proxy

Currently, do you have your ISA configured to redirect port 80 requests to the external proxy, or is the external proxy set up as transparent?
0
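
The per-user report asked for in this thread, as an added example that is not part of any post: a parser for Squid's native access.log format, run over the internal proxy's log, that groups requests by authenticated user name and falls back to the client IP for requests that passed through unidentified. The sample lines, host names and the COLLEGE domain are constructed.

```python
from collections import defaultdict
from datetime import datetime, timezone
from urllib.parse import urlsplit

# Constructed sample lines in Squid's native access.log layout:
# time elapsed client code/status bytes method URL user hierarchy/peer type
SAMPLE_LOG = """\
1238662801.123    120 10.1.2.15 TCP_MISS/200 5120 GET http://news.example.org/index.html COLLEGE\\jsmith DEFAULT_PARENT/upstream.example.net text/html
1238662805.456     85 10.1.2.15 TCP_MISS/200 2048 GET http://news.example.org/style.css COLLEGE\\jsmith DEFAULT_PARENT/upstream.example.net text/css
1238662900.000    310 10.1.7.44 TCP_MISS/200 9000 GET http://games.example.com/play - DEFAULT_PARENT/upstream.example.net text/html
1238662950.500     12 10.1.2.15 TCP_DENIED/407 1500 CONNECT mail.example.com:443 - NONE/- text/html
this line is truncated
"""

def parse_line(line):
    """Return a dict for one native-format line, or None if it is malformed."""
    f = line.split()
    if len(f) < 10:
        return None
    try:
        when = datetime.fromtimestamp(float(f[0]), tz=timezone.utc)
        size = int(f[4])
    except ValueError:
        return None
    url = f[6]
    # CONNECT requests log "host:port" rather than a full URL.
    host = urlsplit(url).hostname if "://" in url else url.split(":")[0]
    user = f[7] if f[7] != "-" else None  # "-" means no identity was logged
    return {"when": when, "client": f[2], "result": f[3],
            "bytes": size, "host": host, "user": user}

def usage_by_identity(log_text):
    """Group visits by user name, or by client IP when the user is unknown."""
    report, skipped = defaultdict(list), 0
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            skipped += 1
            continue
        if rec["result"].startswith("TCP_DENIED"):
            continue  # auth challenges and blocks are not page visits
        key = rec["user"] or "unidentified@" + rec["client"]
        report[key].append((rec["when"], rec["host"], rec["bytes"]))
    return dict(report), skipped

if __name__ == "__main__":
    visits, bad = usage_by_identity(SAMPLE_LOG)
    for who, rows in sorted(visits.items()):
        for when, host, size in rows:
            print(who, when.isoformat(), host, size)
```

Entries keyed as `unidentified@<ip>` are the requests that fell through without a user name, so they can only be tied to a person through other records such as DHCP leases.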
