Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Looking for a web usage history tracking tool. (budget)

Posted on 2016-08-15
3
121 Views
Last Modified: 2016-08-17
What are some tools you have used/have seen others use to capture the web traffic of specific users?  Windows 2008 R2 domain with Windows 10 workstations using IE, Chrome, and a few Firefox.  FortiNet firewalls in all locations.

Prefer to keep this project as cheap as possible as it's not a very high priority.  

What are the pros/cons to using firewalls vs software vs a hardware device?
0
Comment
Question by:Daniel Checksum
3 Comments
 
LVL 39

Assisted Solution

by:Adam Brown
Adam Brown earned 250 total points
ID: 41756605
Capturing web traffic outside of the computer itself can be fairly problematic. There aren't very many enterprise level web filters aside from WebSense, and that's a relatively expensive solution to use. Just capturing traffic history is usually best accomplished on the computer itself, and there are a myriad of solutions available to accomplish the task. Everything from keyloggers to history trackers, to history reports can be used at the client level to track usage information.

An easy, free way to get web traffic history is to use OpenDNS as your Public DNS forwarder on your DNS servers. They will allow you to generate a report on which DNS queries are performed when set up appropriately. Unfortunately, this doesn't give you granular information like which users or computers are making the DNS requests, since all requests will look the same to their servers.

Inspecting web traffic at the firewall is often not feasible unless the firewall supports web proxy. Web proxy essentially forces all client web browsers to access the internet at the firewall instead of going directly, which means all web requests are initiated at the firewall. Without doing a web proxy, traffic that is protected with HTTPS cannot be inspected because it's encrypted. With a proxy in place, HTTPS traffic is initiated on the Proxy server, then decrypted and presented to the client. This is how most web filtering solutions work.

If you are willing to implement a web proxy solution in your environment, that's probably the most effective way to keep track of usage. Just realize that proxies can be bypassed. The OpenDNS solution can be bypassed very easily as well.
1
 
LVL 8

Accepted Solution

by:
myramu earned 250 total points
ID: 41758186
Hi,

Your question can be divided in to 3:
1) Users web usage report (Accessed websites, Bandwidth and time usage): This report can be produced using existing FortiGate with the help of Fortigate webfiltering and a syslog server/Fortianalyzer.
2) Capturing packets of a specific user: Packet capturing is also supported by the Fortigate (Required to enable on firewall policy).
3) Web files archive: This is also supported by Fortigate (Using DLP profile and Fortianalyzer).

Good Luck!
1
 
LVL 1

Author Closing Comment

by:Daniel Checksum
ID: 41759458
I am going to contact FortiNet support for this.  My supervisor had recommended that to begin with, just wanted to make sure it was the right choice.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question