19 07, 2010

Why there is so much anonymous traffic in Microsoft TMG and ISA logs

By | 2010-07-19T03:18:29+00:00 July 19th, 2010|Aliases, Firewall Analysis, How To, Log File Analysis, Microsoft ISA Server, Microsoft Threat Management Gateway, Reports, Tips and Best Practices, Uncategorized, Vantage, Web Browsing Analysis, WebSpy|5 Comments

One of the most common questions we get asked by users of Microsoft TMG and ISA is why there is so much traffic attributed to the Anonymous user. Even though unauthenticated access to the web has been disabled, they still see the ‘Anonymous’ user as one of the top users in their reports. So let’s [...]

18 06, 2010

Video: How to use WebSpy Vantage to report on IronPort log files

By | 2010-06-18T02:01:16+00:00 June 18th, 2010|Aliases, Firewall Analysis, How To, IronPort, Log File Analysis, Reports, Scheduled Tasks, Tips and Best Practices, Uncategorized, Vantage, Web Browsing Analysis, Web Module, WebSpy|0 Comments

I’ve produced a video on how to use WebSpy Vantage to report on IronPort’s Web Security Appliance’s access log files. It is quite a detailed look at the key tasks involved in setting up and using WebSpy Vantage with IronPort WSA access logs, and is therefore divided into several parts. The videos take you through [...]

8 02, 2010

8 Reasons NOT to Use Microsoft Forefront TMG's Reporting

By | 2010-02-08T06:48:39+00:00 February 8th, 2010|Aliases, Firewall Analysis, How To, Loaders, Log File Analysis, Microsoft ISA Server, Microsoft Threat Management Gateway, Reports, Tips and Best Practices, Uncategorized, Vantage, Web Browsing Analysis, Web Module, WebSpy|6 Comments

I've been having a look through the reporting functionality included in Microsoft Forefront Threat Management Gateway to find that not much has changed from ISA Server 2006. There is some new information regarding the newly implemented URL categorization and threat management technology, but there is very little flexibility or customization for those with reporting requirements beyond general overviews cluttered with irrelevant information. Here is what I consider to be the 8 main limitations of Microsoft Forefront TMG's reporting functionality.