I have an ISA 2006 Firewall and i have done some set of rules for Internal Users. I just want to check its Reporting. But ISA is not providing all URL accessed from Internal Users. It's only providing Top 10-20 sites which are accessed most. But i want report for all sites which requests come on ISA.
AFAIK, ISA does not provide that report by default. That report will be huge in terms of data so, makes sense for not showing that report.
However, if you are using the web proxy logs as w3c text files then you can view the logs in notepad. But, there is not default way of getting what you are looking for. May be someone from the forum to help you get an addon, which i am not aware of...
I am not using Web Proxy. Can you guide me how can i do this on my Network and what will be the benefits for using this.
From Forum, if somebody knows about ISA Reporting, Kindly suggest.
Inderjeet: i want one more thing, when i have applied to block gmail and orkut, the ISA blocks the Gmail and Orkut when users access it through http. But if users access gmail and orkut through https, then ISA doing Nothing. Kindly suggest for this.
There are few things you should know about web proxy. When you use the clients as web proxy, ISA server resolves the public names for the client machines. Web proxy can be configured on client machines by defining the ISA name and the port number 8080 (by default) under the IE tools > Internet options > Connections > Lan Settings. Since ISA resolves the names so now it knows the URLs and will put the URLs in the report but again it will only put the top 10-20 URLs only because its not a built in report in ISA to give a list of all websites accessed.
By default ISA server uses the MSDE based database to store all logs. You cannot read these logs in notepad or so. If you want the logs to be readable you can have them stored as W3C and then you can open these files in Notepad to see the logs. Moreover, the Logs will be huge considering the amount of internet activity happening through ISA. Reading though logs could be a time consuming activity. It's helpful if you need to check a specific info but it's not helpful in your scenario as it will give you everything in logs
Web proxy logs will only have URLs if your client machines are web proxy clients or you have the ISA firewall client installed on the user machines.
You can change the format of web proxy logging under Monitoring > Logging > web proxy logging (on right side bar)
when i have applied to block gmail and orkut, the ISA blocks the Gmail and Orkut when users access it through http. But if users access gmail and orkut through https, then ISA doing Nothing. Kindly suggest for this.
How did you setup your URL set and your access denied rule?