Questions

network monitoring

+
0 Votes
Locked

network monitoring

jasonemmg
What is the best way to go about monitoring what web sites employees are visiting, especially during business hours?

Thanks!
Jason
  • +
    0 Votes
    robo_dev

    Many companies use a commercial product like WebSense or BlueCoat.

    There is a cool open source product called Untangle that does the same thing.

    +
    0 Votes
    jjcanaday

    I use OpenDNS at our corporate office. The free version allows me to block sites by category but, will also give me a report (up to 2 weeks) of all sites visited. It will also show them by whether they were allowed or blocked.

    The only real drawback I've found to filtering by category is, sites have to be voted on by users. Sometimes a new website will not be categorized for quite a while. You can also specifically block or allow individual sites, in limited quantities.

    There is a pay version now that allows unlimited (?) history but, I didn't really need that.

    Whether free or paid version, it is very easy to set up. Additionally, a lot of people report that DNS services are faster from OpenDNS than from most ISPs, giving your end-users the appearance of "faster" internet. I have not noticed any significant difference, myself.

    +
    0 Votes
    robo_dev

    I did not know that OpenDNS had that capability....I guess you learn something new everyday.

    +
    0 Votes
    jjcanaday

    ... that you don't have to use the web filtering service to get the browsing history report. Just using OpenDNS for your DNS service will give you 2 weeks of sites visited (and how many times during that period). But, this service will not tell you who (what computer) visited which sites. If isolating by who visited what site is important, you'll have to find something else.

    +
    0 Votes
    Larbakium

    This is a very interesting method. But I suppose you would use this on S/M companies. This would not work for a segment of the network right? Something like a lab which is behind a physical firewall and proxy servers..
    I would believe the best would be if this would be a local solution instead of being depend of 3rd party dns services.

    Am I thinking correctly about this product?

    Obvious I am aware this is a free version.

    +
    0 Votes
    jjcanaday

    ...sort of. It only logs calls to its service for DNS translation. If you only had part of your segmented network going through OpenDNS for lookup, that is all it would log.

    In our facility, I have our internal DHCP Server hand out our local DNS Server which, in turn, is configured to look to OpenDNS. Therefore, by default, all browsing is logged by OpenDSN. However, I have 2 users' (myself and one other person) computers manually configured to use our ISPs DNS server, so they are not logged (nor are they filtered).

    If your network is segmented to the point that each segment has its own DHCP server, you can also segment DNS lookup. However, your OpenDSN report is only keyed by your outward facing IP address. So reports can only be separated if your segments also have different gateways on different outside IP addresses.

    I hope that helps...

    +
    0 Votes
    Larbakium

    Yes. it does help. It makes all sense in the way it works.
    Would be great to have a freeware sort of thing that does the same reporting but locally.
    Because it seems quite simple and user friendly to use.

    I do my logging using MS ISA and its way more complicated. For a segment of the network smtg like Open DNS is just great.

    +
    0 Votes
    nikhil.g1

    You can use Blue coat proxy for Monitoring each and every web traffic flowing through your network .Also can monitor websites browsed per user.

    +
    0 Votes
    hkassab

    Cisco IronPort Email and Web Security

    +
    0 Votes
    jjcanaday

    ... when a company won't tell you the price anywhere on their own website. I'd file that under the category of: If I have to ask... I can't afford it. Even the CDW website lists the cost as "CALL". Ouch.

    Mind if I ask which version of IronPort you use and how much it cost? What are the subscription costs per year?

    Jim

  • +
    0 Votes
    robo_dev

    Many companies use a commercial product like WebSense or BlueCoat.

    There is a cool open source product called Untangle that does the same thing.

    +
    0 Votes
    jjcanaday

    I use OpenDNS at our corporate office. The free version allows me to block sites by category but, will also give me a report (up to 2 weeks) of all sites visited. It will also show them by whether they were allowed or blocked.

    The only real drawback I've found to filtering by category is, sites have to be voted on by users. Sometimes a new website will not be categorized for quite a while. You can also specifically block or allow individual sites, in limited quantities.

    There is a pay version now that allows unlimited (?) history but, I didn't really need that.

    Whether free or paid version, it is very easy to set up. Additionally, a lot of people report that DNS services are faster from OpenDNS than from most ISPs, giving your end-users the appearance of "faster" internet. I have not noticed any significant difference, myself.

    +
    0 Votes
    robo_dev

    I did not know that OpenDNS had that capability....I guess you learn something new everyday.

    +
    0 Votes
    jjcanaday

    ... that you don't have to use the web filtering service to get the browsing history report. Just using OpenDNS for your DNS service will give you 2 weeks of sites visited (and how many times during that period). But, this service will not tell you who (what computer) visited which sites. If isolating by who visited what site is important, you'll have to find something else.

    +
    0 Votes
    Larbakium

    This is a very interesting method. But I suppose you would use this on S/M companies. This would not work for a segment of the network right? Something like a lab which is behind a physical firewall and proxy servers..
    I would believe the best would be if this would be a local solution instead of being depend of 3rd party dns services.

    Am I thinking correctly about this product?

    Obvious I am aware this is a free version.

    +
    0 Votes
    jjcanaday

    ...sort of. It only logs calls to its service for DNS translation. If you only had part of your segmented network going through OpenDNS for lookup, that is all it would log.

    In our facility, I have our internal DHCP Server hand out our local DNS Server which, in turn, is configured to look to OpenDNS. Therefore, by default, all browsing is logged by OpenDSN. However, I have 2 users' (myself and one other person) computers manually configured to use our ISPs DNS server, so they are not logged (nor are they filtered).

    If your network is segmented to the point that each segment has its own DHCP server, you can also segment DNS lookup. However, your OpenDSN report is only keyed by your outward facing IP address. So reports can only be separated if your segments also have different gateways on different outside IP addresses.

    I hope that helps...

    +
    0 Votes
    Larbakium

    Yes. it does help. It makes all sense in the way it works.
    Would be great to have a freeware sort of thing that does the same reporting but locally.
    Because it seems quite simple and user friendly to use.

    I do my logging using MS ISA and its way more complicated. For a segment of the network smtg like Open DNS is just great.

    +
    0 Votes
    nikhil.g1

    You can use Blue coat proxy for Monitoring each and every web traffic flowing through your network .Also can monitor websites browsed per user.

    +
    0 Votes
    hkassab

    Cisco IronPort Email and Web Security

    +
    0 Votes
    jjcanaday

    ... when a company won't tell you the price anywhere on their own website. I'd file that under the category of: If I have to ask... I can't afford it. Even the CDW website lists the cost as "CALL". Ouch.

    Mind if I ask which version of IronPort you use and how much it cost? What are the subscription costs per year?

    Jim