Log all traffic to specific networks

Hello,

We have to log all accesses to certain client systems from now on "for reasons". And actually in such a way that these accesses can be assigned to specific employees.

Question 1:

This should be done for http accesses via the WebProxy (running in transparent mode) as well as all other protocols, especially https and SSH.

Can the UTM do this and if so, how do I set it up?

Question 2:

In perspective, I would like to have a resolution of IP addresses to persons, as I can hardly reconstruct retrospectively who got which DHCP address at what time with which device. There is an extremely loose BYOD policy here :-(

Is there a possibility that access to the customer networks is only allowed after logging on to the UTM?

This should work from OSX, iOS, Windows and Android, from the LAN and from the VPN.


Many thanks for your ideas!

Best regards - Chris

  • Hi Rapha,

    thank you for your answer.

    But it is not a branch. We have IPsec tunnels to different customers. They work as expected - until I switch on webfilter for https.

    And unfortunately adding the customer target network(s) to allowed networks on webfilter global policies does not help to route the https traffic from LAN to customer sites via the tunnel again. Clients will end up in a timeout and I have to switch off https filtering as soon as I can.


    Cheers - Chris
