+ Post New Thread
Results 1 to 4 of 4
Internet Related/Filtering/Firewall Thread, Forefront Threat Management Gateway 2010 - User web proxy logging in Technical; Hi all, I've been playing around with TMG 2010 inside a VM as looking at it as a free alternative ...
  1. #1
    jamesfed's Avatar
    Join Date
    Sep 2009
    Thank Post
    Thanked 340 Times in 287 Posts
    Rep Power

    Forefront Threat Management Gateway 2010 - User web proxy logging

    Hi all,

    I've been playing around with TMG 2010 inside a VM as looking at it as a free alternative to LEA websense (we have Vol licence) when they pull the free plug next year but also looking at it for replacing the last component of Ranger that we use (web montoring).

    As far as I understand SP1 of TMG 2010 includes a user web tracking/reporting feature and although I can find where the report is I can't seem to get the user data to be recorded on the server.

    I've setup a basic 'Web Access Policy' which blocks access to the nastys and allows to everything else but have no clue where to go from there.

    Furthermore am I correct in thinking that TMG could be setup as a transparent proxy if I were to set it up as a server with two network points (one to internal and one to external (the web) connections)?


  2. #2
    altecsole's Avatar
    Join Date
    Jun 2005
    Morecambe, Lancashire, UK.
    Thank Post
    Thanked 36 Times in 26 Posts
    Rep Power
    For the user report you need to include the domain name in the username, ie domainname\username. To see what is being logged do some browsing from a test machine, make a note of it's IP address and then query the web logs for that client IP for the last 5 minutes (for example). You can then see everything that's being logged against that IP and this will help you to understand how the logging works.

  3. #3
    bio is offline
    bio's Avatar
    Join Date
    Apr 2008
    Thank Post
    Thanked 130 Times in 102 Posts
    Rep Power
    For user based logging you will need to add the TMG to your domain. The logging features of TMG are quite extensive but if you want a great (but expensive) solution you'lll need to look at GFI products. You can install the TMG with just one nic and use it as a proxy, however i'll allways recommend to install it with 2 nics and use the great firewall capabilities.

    let me know if you need some help with it


  4. #4

    Join Date
    Apr 2008
    Aigburth, Liverpool
    Thank Post
    Thanked 10 Times in 10 Posts
    Rep Power
    Just going to jump in on this thread.

    I have the exact same problem, in the respect that I simply cannot get the User Activity Reports to display any information. I have passed it the domain name (domain\username) using FQDN when it failed the first time. I can't seem to find any articles anywhere that help me with this matter.

    Any ideas?

+ Post New Thread

Similar Threads

  1. Forefront Threat Gateway
    By wesleyw in forum Windows
    Replies: 5
    Last Post: 14th October 2010, 07:17 AM
  2. Replies: 1
    Last Post: 10th May 2010, 12:47 PM
  3. threat management gateway setting
    By FN-GM in forum Internet Related/Filtering/Firewall
    Replies: 10
    Last Post: 4th March 2010, 07:55 AM
  4. Forefront TMG Default Gateway
    By teejay in forum Internet Related/Filtering/Firewall
    Replies: 4
    Last Post: 26th January 2010, 02:34 PM
  5. Replies: 0
    Last Post: 2nd November 2007, 09:58 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts