4 Replies Latest reply on Jul 6, 2015 10:00 AM by darragh.delaney

    Monitoring Users' URL!!!!

    nima.gharehdaghi

      Hi,

       

      In my organization I have some workstations based on Windows 8, Mac book pro, IMac and IPad which are connected to an apple ‘s Router (Airport Utility) .

       

      I need to Monitor and LOG my Users’ URL  via a MAC Book.

       

      Does Solar winds have a solution in order to Monitor and Log Users’ URL and their activities in The Internet via a Mac Book ?

       

       

      Regards,

       

       

      Nima Gharehdaghi

        • Re: Monitoring Users' URL!!!!
          novasamurai

          If you have a UTM Firewall with web filtering, you could use LEM to collect the logs, which you could search through and possibly create alerts. Another option is to get a web proxy solution which could also send logs to LEM.  Solarwinds does not have a native URL filtering product, but you could check out a Wavecrest product like Web Security - Internet Filtering, Monitoring and Forensic Products. Depending on number of users and if you have a web filtering firewall/proxy this can be pretty cheap.


          When dealing with URL logging it is very important to have urls categorized so you know what it is you are looking at. Simply logging every URL a user visits will not produce exactly what your looking for. Many web pages a user visits can generate hundreds or URLs where resources/Ads are hosted. Now if Solarwinds took on a web filtering company as their net acquisition this would be very interesting to me.

            • Re: Monitoring Users' URL!!!!
              darragh.delaney

              Another option is to simply use your network traffic,

               

              This is one of the advantages of using network traffic analysis and a common use case. It does not matter what kind of operating systems on the machines, you do not need Netflow or to deploy clients/agents, you can just use your traffic once you ‘sniff’ it (usually via a SPAN port or port mirror)  at the right point in your network. 

               

              You can get some very useful information from traffic including granular detail on web activity, IP and MAC address, domain, date/time, each page visited, amount of data transferred, etc.

               

              We have a solution, the Netfort LANGuardian that also integrates with Solarwinds, you can access a live demo here:

               

              http://demo2.netfort.com/Orion/SummaryView.aspx?viewid=31

               

              Or download a trial from here

               

              https://www.netfort.com/downloads/free-trial-software/


              If the users log on using Active Directory, we track and keep detail by IP, mac address and user name. If they do not, we track it by IP and MAC address.  It gives you an instant real time view as well as retaining granular detail for months for reporting, forensics etc.

               

              Darragh

                • Re: Monitoring Users' URL!!!!
                  novasamurai

                  Very interesting, would be really nice if the price is right. I like the ability to have it all integrated into Solarwinds for Dashboards. How is reporting?

                    • Re: Monitoring Users' URL!!!!
                      darragh.delaney

                      The LANGuardian extracts some very granular and readable detail from network traffic using it's Deep Packet Inspection engine and application decoders  and only stores this detail or metadata, discarding the remainder of the packets. As a result, it can retain this detail in its built in database for months without expensive storage and reporting is very comprehensive. It includes a large set of reports which can also be customized.

                       

                      For example, if you go to the report search box, top right at this link

                       

                      https://demo.netfort.com/dboard.cgi

                       

                      and just enter

                      user

                      or

                      security

                      or

                      traffic

                      or.....

                       

                      no need to press return, it will auto complete and give you a list of the reports available for each search term.

                       

                      Pricing is based on the number of users and starts at $3,995.