29 07, 2010

Microsoft Forefront TMG logs size fields the wrong way around

By | 2010-07-29T04:49:04+00:00 July 29th, 2010|Firewall Analysis, Log File Analysis, Microsoft Threat Management Gateway, Reports, Tips and Best Practices, Uncategorized, Vantage, Web Browsing Analysis, WebSpy|0 Comments

If you’re using Microsoft Forefront Threat Management Gateway, there is a bug in the logging that causes Bytes Sent and Bytes Received to be logged in reverse. This seems to only affect the Web Proxy logs – both SQL and W3c . We noticed in a few web reports, that people were generally uploading a [...]

19 07, 2010

Tips from TMG Expert: Changing WebSpy Vantage Scheduled Task Recurrence Interval

By | 2010-07-19T03:57:08+00:00 July 19th, 2010|How To, Microsoft ISA Server, Microsoft Threat Management Gateway, Uncategorized|0 Comments

Microsoft ISA Server and Forefront TMG users are probably familiar with isaserver.org’s informative news articles, tutorials, blogs and forums. I just wanted to bring your attention to one of isaserver.org’s contributing blog authors, Richard Hicks. Richard has been working with Forefront Threat Management Gateway (TMG) 2010 and its predecessors for more than 12 years. He [...]

19 07, 2010

Why there is so much anonymous traffic in Microsoft TMG and ISA logs

By | 2010-07-19T03:18:29+00:00 July 19th, 2010|Aliases, Firewall Analysis, How To, Log File Analysis, Microsoft ISA Server, Microsoft Threat Management Gateway, Reports, Tips and Best Practices, Uncategorized, Vantage, Web Browsing Analysis, WebSpy|5 Comments

One of the most common questions we get asked by users of Microsoft TMG and ISA is why there is so much traffic attributed to the Anonymous user. Even though unauthenticated access to the web has been disabled, they still see the ‘Anonymous’ user as one of the top users in their reports. So let’s [...]

15 07, 2010

Security Threats Increase with Growth in Social Networking – Blocking still not the Answer

By | 2010-07-15T06:46:13+00:00 July 15th, 2010|Uncategorized, WebSpy News Update|0 Comments

IT security firm Trend Micro recently released results from their latest study surveying 1,600 end-users in the United States, United Kingdom, Germany and Japan. The study focused on employees’ use of corporate computers while on corporate LANs. Trend Micro found that the use of social networking sites grew globally from 19% in 2008 to 24% [...]

12 07, 2010

Website Categorization – Assessing Productivity

By | 2010-07-12T07:46:02+00:00 July 12th, 2010|How To, Uncategorized|0 Comments

Security and Threat Management solutions, such as Microsoft Forefront TMG, IronPort and Blue Coat, use predefined URL categorization to simplify blocking and filtering management. Different security vendors have different ways of categorizing websites but it generally involves referring to a gigantic, regularly updated database of millions of websites sorted into 50-100 relevant categories. Majority of [...]

28 06, 2010

WebSpy Soho – New Alpha Release

By | 2010-06-28T08:22:16+00:00 June 28th, 2010|Uncategorized, WebSpy Soho|0 Comments

First of all, a big thank you to all our Alpha testers for downloading and trying out WebSpy Soho Alpha. We’re happy to let you know that we’ve just released an improved Alpha version with new fixes and updates. The previous Soho Alpha version will stop working on the 30th of June 2010 – to [...]

24 06, 2010

Annual Cost Calculator for Unproductive Internet Usage

By | 2010-06-24T07:59:39+00:00 June 24th, 2010|Sales and Marketing, Uncategorized|0 Comments

Ever so often new reports and findings on organizational cost of employees’ unproductive Internet usage are published. As a developer of Internet reporting software, that assists in reducing these costs, we naturally highlight the findings whenever we can. Simply to make companies aware that the cost of a WebSpy license is marginal in relation to [...]

18 06, 2010

Video: How to use WebSpy Vantage to report on IronPort log files

By | 2010-06-18T02:01:16+00:00 June 18th, 2010|Aliases, Firewall Analysis, How To, IronPort, Log File Analysis, Reports, Scheduled Tasks, Tips and Best Practices, Uncategorized, Vantage, Web Browsing Analysis, Web Module, WebSpy|0 Comments

I’ve produced a video on how to use WebSpy Vantage to report on IronPort’s Web Security Appliance’s access log files. It is quite a detailed look at the key tasks involved in setting up and using WebSpy Vantage with IronPort WSA access logs, and is therefore divided into several parts. The videos take you through [...]

14 06, 2010

Government sanctioned ISP Filtering & Monitoring – Is Australia going Orweillian?

By | 2010-06-14T07:30:35+00:00 June 14th, 2010|Uncategorized, WebSpy News Update|0 Comments

It was a bright cold day in June, and the clocks were striking thirteen as I browsed Google Sci/Tech News and came across ZDNet’s ‘Govt wants ISPs to record browsing history’ article. The Australian Attorney-General’s Department recently confirmed ongoing discussions about implementing a data retention regime in Australia requiring ISPs to hold customers web browsing [...]

11 06, 2010

Accessing Microsoft Forefront TMG's Log Files (SQL Express)

By | 2010-06-11T06:54:59+00:00 June 11th, 2010|Firewall Analysis, How To, Loaders, Log File Analysis, Microsoft Threat Management Gateway, Uncategorized, Vantage, Web Browsing Analysis, WebSpy|1 Comment

If you need to analyze and report on Microsoft Forefront Threat Management Gateway log files, the most common stumbling block is enabling access to the default SQL Express databases that contains the firewall and web proxy log files. The log databases are stored in an SQL Express instance named MSFW. By default these databases cannot [...]