+ Post New Thread
Results 1 to 4 of 4
Internet Related/Filtering/Firewall Thread, Forefront Threat Management Gateway 2010 - User web proxy logging in Technical; Hi all, I've been playing around with TMG 2010 inside a VM as looking at it as a free alternative ...
  1. #1
    jamesfed's Avatar
    Join Date
    Sep 2009
    Location
    Reading
    Posts
    2,194
    Thank Post
    134
    Thanked 340 Times in 287 Posts
    Rep Power
    84

    Forefront Threat Management Gateway 2010 - User web proxy logging

    Hi all,

    I've been playing around with TMG 2010 inside a VM as looking at it as a free alternative to LEA websense (we have Vol licence) when they pull the free plug next year but also looking at it for replacing the last component of Ranger that we use (web montoring).

    As far as I understand SP1 of TMG 2010 includes a user web tracking/reporting feature and although I can find where the report is I can't seem to get the user data to be recorded on the server.

    I've setup a basic 'Web Access Policy' which blocks access to the nastys and allows to everything else but have no clue where to go from there.

    Furthermore am I correct in thinking that TMG could be setup as a transparent proxy if I were to set it up as a server with two network points (one to internal and one to external (the web) connections)?

    Thanks!
    James

  2. #2
    altecsole's Avatar
    Join Date
    Jun 2005
    Location
    Morecambe, Lancashire, UK.
    Posts
    281
    Thank Post
    39
    Thanked 36 Times in 26 Posts
    Rep Power
    25
    For the user report you need to include the domain name in the username, ie domainname\username. To see what is being logged do some browsing from a test machine, make a note of it's IP address and then query the web logs for that client IP for the last 5 minutes (for example). You can then see everything that's being logged against that IP and this will help you to understand how the logging works.

  3. #3
    bio
    bio is offline
    bio's Avatar
    Join Date
    Apr 2008
    Location
    netherlands
    Posts
    520
    Thank Post
    16
    Thanked 130 Times in 102 Posts
    Rep Power
    37
    For user based logging you will need to add the TMG to your domain. The logging features of TMG are quite extensive but if you want a great (but expensive) solution you'lll need to look at GFI products. You can install the TMG with just one nic and use it as a proxy, however i'll allways recommend to install it with 2 nics and use the great firewall capabilities.

    let me know if you need some help with it

    bio..

  4. #4

    Join Date
    Apr 2008
    Location
    Aigburth, Liverpool
    Posts
    156
    Thank Post
    35
    Thanked 10 Times in 10 Posts
    Rep Power
    14
    Just going to jump in on this thread.

    I have the exact same problem, in the respect that I simply cannot get the User Activity Reports to display any information. I have passed it the domain name (domain\username) using FQDN when it failed the first time. I can't seem to find any articles anywhere that help me with this matter.

    Any ideas?

SHARE:
+ Post New Thread

Similar Threads

  1. Forefront Threat Gateway
    By wesleyw in forum Windows
    Replies: 5
    Last Post: 14th October 2010, 07:17 AM
  2. Replies: 1
    Last Post: 10th May 2010, 12:47 PM
  3. threat management gateway setting
    By FN-GM in forum Internet Related/Filtering/Firewall
    Replies: 10
    Last Post: 4th March 2010, 07:55 AM
  4. Forefront TMG Default Gateway
    By teejay in forum Internet Related/Filtering/Firewall
    Replies: 4
    Last Post: 26th January 2010, 02:34 PM
  5. Replies: 0
    Last Post: 2nd November 2007, 09:58 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •