Creating and Analyzing SonicWALL Log Files

I’ve put together a couple of quick videos to show you how to configure logging on your SonicWALL appliance, and how to import and analyze these log files in WebSpy Vantage. You can also read through these steps on this page: Analyzing SonicWALL log files with WebSpy.

Reporting on Astaro Security Gateway

Astaro Security Gateway devices are capable of producing some very detailed log files including full URLs, usernames, categories, block action and reason which gives you some great reporting options in WebSpy Vantage. Take a look at our dedicated Astaro pages to get an idea of what can be achieved when analyzing Astaro Web Gateway log …

Latest Research and 5 Tips for Managing Web 2.0 in the Workplace

Clearswift (network security vendor and WebSpy technology partner) recently released their first report, in a series of three, on the use of social media and web 2.0 in the workplace. From not wanting to touch social media with a ten foot pole, employers are these days increasingly aware of the benefits of social media and …

How much do IronPort WSA Appliances eat?

If you are thinking about deploying IronPort Web Security Appliances you probably want to plan how much disk space to budget for with regards to logging and reporting. Every organization is different with regards to the volume of logs it creates, but I’ve averaged three data sets submitted to us by customers to produce the …

Watch your TMG’s waist line. Switch log format and reduce fat now!

We often recommend customers using Microsoft ISA or TMG switch their logging to W3C text file, in order to get the best possible import speed, and also because the text logs are much easier to access from a remote machine (see my previous article on accessing TMG’s SQL Express Log database). Logging to the default …

Hit and Miss – Are you Missing out on Important Hit Data?

Today I thought I’d cover some interesting hit information and explain how you can get more out of your data by ensuring your hits are accurately reported on. As the term ‘hit’ can sometimes be confusing, let’s start off by properly define hits.

Microsoft Forefront TMG logs size fields the wrong way around

If you’re using Microsoft Forefront Threat Management Gateway, there is a bug in the logging that causes Bytes Sent and Bytes Received to be logged in reverse. This seems to only affect the Web Proxy logs – both SQL and W3c . We noticed in a few web reports, that people were generally uploading a …

Why there is so much anonymous traffic in Microsoft TMG and ISA logs

One of the most common questions we get asked by users of Microsoft TMG and ISA is why there is so much traffic attributed to the Anonymous user. Even though unauthenticated access to the web has been disabled, they still see the ‘Anonymous’ user as one of the top users in their reports. So let’s …

Video: How to use WebSpy Vantage to report on IronPort log files

I’ve produced a video on how to use WebSpy Vantage to report on IronPort’s Web Security Appliance’s access log files. It is quite a detailed look at the key tasks involved in setting up and using WebSpy Vantage with IronPort WSA access logs, and is therefore divided into several parts. The videos take you through …

How to report on bandwidth utilization using Cisco devices

Today I was speaking to a customer that had the following reporting request. “I would like to know how much of my bandwidth is being eaten by each protocol. I will then use this information to determine if circuit may need to be increased due to increased traffic”. This customer was collecting syslog messages from a Cisco Firewall, then using WebSpy Vantage to generate reports. There’s a simpler method.