not too sure if this would be better as a standalone product, or as an addon to isa server. but does anyone know of a tool that can log the internet traffic that goes through isa server? something like mrtg, but maybe a bit nicer to work with, support for database, support to specify what protocols to look for or ports to monitor for activity. something that will show a graph of current bandwidth activity, daily, weekly, monthly, etc etc.
Webspy Analyzer is a stand-alone utility which can analyze many different firewall logs including ISA 2004. The only drawback that I saw is it needs too much processing power and memory to analyze the logs. The best side of Webspy is that it doesn't need MSDE or SQL format and can work with W3C format and you don't need to work with Firewall Clients because Webspy has aliasing capabilities to give aliases to IP addresses.
Posts: 16
Joined: 7.Oct.2003
From: Torrance, CA
Status: offline
I have used PRTG from Paessler, a German software company, and have had little trouble with getting it configured, it is set it and forget it solution with a better management interface than anything that I found for MRTG.
Like MRTG, it is a SMNP graphing program, but that is where the comparison ends, PRTG comes with very simple organization, page templates, and uses very little band width. It can packet sniff, alert, and do way more than I needed.
The only trouble I found in 2+ years of use is covered in a web site article: After installation, move the "data" folder out of the All Users\Documents folder, otherwise it will fill the OS drive in a very short time. Took me about 1 1/2 years, and Windows 2003 sp1 showed this to me before it was too late, whew!
Each new build is a snap to install, I wish other products were as easy.
Sort network traffic according to many protocols Show network traffic sorted according to various criteria Display traffic statistics Store on disk persistent traffic statistics in RRD format Identify the indentity (e.g. email address) of computer users Passively (i.e. withou sending probe packets) identify the host OS Show IP traffic distribution among the various protocols Analyse IP traffic and sort it according to the source/destination Display IP Traffic Subnet matrix (who's talking to who?) Report IP protocol usage sorted by protocol type Act as a NetFlow/sFlow collector for flows generated by routers (e.g. Cisco and Juniper) or switches (e.g. Foundry Networks) Produce RMON-like network traffic statistics
I wish GFI made version 1 of webmon avalible to people as thats what we have on our old ISA 2000 server. It just shows the last 100 web connections out. Nothing fancy but it ran and made life alot easier. I have emailed them about a download link as I cant get it on there site. No idea if it works with ISA 2004 yet but I hope so. I hate all the download security stuff etc as it creates a lot of problems (the old product called "download security" was terrible too)