29 06, 2012

Microsoft TMG SQL to Text Script

By | 2012-06-29T14:44:38+00:00 June 29th, 2012|How To, Microsoft Threat Management Gateway, Third Party, Tips and Best Practices, Uncategorized, Vantage, Web Browsing Analysis|0 Comments

Microsoft Forefront TMG logs activity to it's internal SQL Express database. In addition to the extra steps you need to perform to access this database from a remote server, importing data into Vantage is much slower than importing from W3C Text logs. You can easily change the logging from SQL Express to W3C text logs [...]

27 10, 2010

Watch your TMG's waist line. Switch log format and reduce fat now!

By | 2010-10-27T04:57:46+00:00 October 27th, 2010|Firewall Analysis, Log File Analysis, Microsoft ISA Server, Microsoft Threat Management Gateway, storages, System Administration, Tips and Best Practices, Uncategorized, Vantage, Web Browsing Analysis, WebSpy|0 Comments

We often recommend customers using Microsoft ISA or TMG switch their logging to W3C text file, in order to get the best possible import speed, and also because the text logs are much easier to access from a remote machine (see my previous article on accessing TMG’s SQL Express Log database). Logging to the default [...]

23 08, 2010

Vantage Update 2.2.0.50 (Juniper SA, Forefront Protection and more)

By | 2010-08-23T05:43:03+00:00 August 23rd, 2010|Loaders, Microsoft Threat Management Gateway, Software Updates, Uncategorized, Vantage, WebSpy, WebSpy News Update|0 Comments

We have just released an auto update for the Vantage range of applications. This update includes support for the Juniper SA series and Microsoft Forefront Protection for Exchange 2010. Here’s the full list of changes: New: Juniper SA Series. Vantage can import and report on web traffic and VPN connections. New: Microsoft Forefront Protection for [...]

29 07, 2010

Microsoft Forefront TMG logs size fields the wrong way around

By | 2010-07-29T04:49:04+00:00 July 29th, 2010|Firewall Analysis, Log File Analysis, Microsoft Threat Management Gateway, Reports, Tips and Best Practices, Uncategorized, Vantage, Web Browsing Analysis, WebSpy|0 Comments

If you’re using Microsoft Forefront Threat Management Gateway, there is a bug in the logging that causes Bytes Sent and Bytes Received to be logged in reverse. This seems to only affect the Web Proxy logs – both SQL and W3c . We noticed in a few web reports, that people were generally uploading a [...]

19 07, 2010

Tips from TMG Expert: Changing WebSpy Vantage Scheduled Task Recurrence Interval

By | 2010-07-19T03:57:08+00:00 July 19th, 2010|How To, Microsoft ISA Server, Microsoft Threat Management Gateway, Uncategorized|0 Comments

Microsoft ISA Server and Forefront TMG users are probably familiar with isaserver.org’s informative news articles, tutorials, blogs and forums. I just wanted to bring your attention to one of isaserver.org’s contributing blog authors, Richard Hicks. Richard has been working with Forefront Threat Management Gateway (TMG) 2010 and its predecessors for more than 12 years. He [...]

19 07, 2010

Why there is so much anonymous traffic in Microsoft TMG and ISA logs

By | 2010-07-19T03:18:29+00:00 July 19th, 2010|Aliases, Firewall Analysis, How To, Log File Analysis, Microsoft ISA Server, Microsoft Threat Management Gateway, Reports, Tips and Best Practices, Uncategorized, Vantage, Web Browsing Analysis, WebSpy|5 Comments

One of the most common questions we get asked by users of Microsoft TMG and ISA is why there is so much traffic attributed to the Anonymous user. Even though unauthenticated access to the web has been disabled, they still see the ‘Anonymous’ user as one of the top users in their reports. So let’s [...]

12 07, 2010

Website Categorization – Assessing Productivity

By | 2010-07-12T07:46:02+00:00 July 12th, 2010|How To, Uncategorized|0 Comments

Security and Threat Management solutions, such as Microsoft Forefront TMG, IronPort and Blue Coat, use predefined URL categorization to simplify blocking and filtering management. Different security vendors have different ways of categorizing websites but it generally involves referring to a gigantic, regularly updated database of millions of websites sorted into 50-100 relevant categories. Majority of [...]

20 05, 2010

Vantage Update 2.2.0.43

By | 2010-05-20T06:45:45+00:00 May 20th, 2010|IronPort, Loaders, Log File Analysis, Microsoft ISA Server, Microsoft Threat Management Gateway, Software Updates, Tips and Best Practices, Uncategorized, Vantage, Web Module, WebSpy|0 Comments

We've just released an auto update for WebSpy Vantage (Premium, Giga and Ultimate) as well as the Web Module. This is a great update for Vantage Ultimate users as we've introduced a new feature/tab into the Web Module called 'Dynamic Reports'. Here's the full list of changes since the last auto update (2.2.0.32 on the 14th April 2010).

2 03, 2010

Vantage Update 2.2.0.27 – Fix for Microsoft FTMG SQL Import

By | 2010-03-02T15:58:13+00:00 March 2nd, 2010|Loaders, Log File Analysis, Microsoft ISA Server, Microsoft Threat Management Gateway, Software Updates, Uncategorized, Vantage, Web Module, WebSpy|0 Comments

Our support for Microsoft Forefront Threat Management Gateway is quite new and we’ve just fixed a couple of issues that we haven’t yet released as a public update yet. In particular, this update fixes the "specified cast invalid error" that occurs when importing the Web Proxy database logs.

8 02, 2010

8 Reasons NOT to Use Microsoft Forefront TMG's Reporting

By | 2010-02-08T06:48:39+00:00 February 8th, 2010|Aliases, Firewall Analysis, How To, Loaders, Log File Analysis, Microsoft ISA Server, Microsoft Threat Management Gateway, Reports, Tips and Best Practices, Uncategorized, Vantage, Web Browsing Analysis, Web Module, WebSpy|6 Comments

I've been having a look through the reporting functionality included in Microsoft Forefront Threat Management Gateway to find that not much has changed from ISA Server 2006. There is some new information regarding the newly implemented URL categorization and threat management technology, but there is very little flexibility or customization for those with reporting requirements beyond general overviews cluttered with irrelevant information. Here is what I consider to be the 8 main limitations of Microsoft Forefront TMG's reporting functionality.