Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
843
Views
0
Helpful
6
Replies

How can I track employee internet usage w/ PIX 515E? Third party software?

sitric
Level 1
Level 1

‎04-14-2003 01:20 PM - edited ‎02-20-2020 10:41 PM

I need to generate reports that list the web sites our employees are surfing to (by employee). I looked into WebSense software, but that is way more complex than we need. Does anyone have any suggestions for this? Is there any PIX compatible software that will provide these reports for us? Can our PIX do this already? Inquiring minds want to know. :-) Thanks!

-Eric Beasley

0 Helpful
6 Replies 6

allan.wells
Level 3
Level 3

‎04-15-2003 03:29 AM

One way would be to use squid proxy its free.

0 Helpful

mostiguy
Level 6
Level 6

‎04-15-2003 05:27 AM

Current PIX OS supports integration with Websense and N2H2 software. Websense is the 800lb gorilla in that space, n2h2 is cheaper, I believe.

You also could look at installing a squid proxy transparently, if you have a router behind the PIX that you can force all internet traffic through. I believe there are add ons that might help you there.

Conceivably, a log monitoring package could do it as well. If you crank up pix logging to 6 informational, it logs every single connection in and out. Network Intelligence's envision and private i's products might be able to be coaxed/beaten into submission to do this.

Matt

0 Helpful

richardmcmahon
Level 1
Level 1
In response to mostiguy

‎04-17-2003 04:39 AM

Unfortunately it does not tell you the packet size so cannot tell you how much traffic each internal ip is gerenating. (dont know if it does on PIX OS 6.3 as I run 6.2.2).

0 Helpful

mostiguy
Level 6
Level 6
In response to richardmcmahon

‎04-17-2003 05:15 AM

%PIX-6-302002: Teardown TCP connection 6273

6721 faddr 1.2.3.4/80 gaddr 5.6.7.8/1035 laddr 5.6.7.8/103

5 duration 0:00:08 bytes 1667 (TCP FINs)

0 Helpful

mnlatif
Level 3
Level 3
In response to mostiguy

‎04-17-2003 09:52 AM

HI,

regarding the Logging from PIX, it logs the event as below

Apr 4 10:40:03 fr-firewall %PIX-5-304001: 10.3.5.169 Accessed URL 152.2.210.81:/LDP/

solrhe/Securing-Optimizing-Linux-RH-Edition-v1.3/chap5sec40.htm

Is there a way to configure PIX to log Web-Site's name, instead of the IP Address (e.g. 152.2.210.81) ?

0 Helpful

rmerritt
Level 1
Level 1

‎04-21-2003 11:11 AM

We use envision. We have the PIX firewalls send it to the envision syslog and it gets put into a database. We have problems with size as we generate a lot of traffic and we have to keep track of it. (We are a hospital.) Make sure you get enough disk space and CPU on the Envision appliance.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card