On a Windows 2008 R2 server in a domain running RDP/Terminal services, I need a a utility or a good way to generate a report by day of the websites users have accessed when logged in remotely by RDP.
I suspect some of them are going to sites and possibly downloading where they shouldn't.
1. What's the best way to generate a report and track activity so I get that info?
2. After I determine the surfing activity, what's the best way to restrict it? We have a Sonicwall TZ210W firewall. I'm not sure if they have a feature that provides a report of sites visited by user and the ability to restrict them.
3. I'd also like to get a text log I cam quickly view that list all users and the time they logged in and out.
4. I'm also looking to block inbound access by country like block all non-US IP's from attempting to log in. We are getting some attempted hacks from outside that is being caught and blocked by security software I installed named Syspeace.