Thread Info
  • Locked Locked
  • Replies 5 replies
  • Subscribers 3 subscribers
  • Views 10407 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Best methods to monitor HTTP traffic

MikeJeffers

I just stood up a UTM 9 instance at my house. I've got several kids with numbers mobile devices. What's the best solution for monitoring web traffic and reporting on it?

 

I'm interested in reporting based on user. User definitions will have to be MAC addy or IP based since I've got no domain here.

 

I'd love to hear what you've done and what's worked well for you. Paid solutions would be fine, too.



This thread was automatically locked due to age.

  • Mike, when the UTM's DHCP server assigns an IP address, you can see the MAC on the 'IPv4 Leases' tab.  You also can [Make Static] there which will create a Host definition that causes the IP in the definition to be assigned by DHCP whenever that device appears.  Be careful to assign an IP different from the one assigned by DHCP as static assignments are not "reservations" as with Windows DHCP.  Static assignments must be outside the dynamic range of the UTM's DHCP server.  Once you've done this, the name of the Host object will appear in reports.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA

  • Thanks for the reply, Bob. I've got a handle on the numbering scheme of my network. It is a mix of static IPs and DHCP with a few reservations. I got that part of UTM down pretty good. I'm more interested in finding out what others are doing to report on HTTP traffic per user. The canned reports coming out of UTM are good, but I'm looking for a solution that provides more detail.

  • in reply to MikeJeffers

    Ask your reseller about iView, Mike.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA

  • I thought surely this topic would yield some opinions or solution reviews from folks. Anyone else using UTM to monitor HTTP traffic?

     

    Here's a question. Is it possible to use UTM as a proxy for HTTPS traffic?

  • in reply to MikeJeffers

    Yes, Mike, Configuring HTTP/S proxy access with AD SSO suggests using Standard mode, but you now can do this with Transparent.

    There are other advantages to using Standard for your non-guest traffic, so you might be interested in a document I maintain that I make available to members of the UTM Community, "Configure HTTP Proxy for a Network of Guests."  If you would like me to send you this document, PM me your email address.

    Cheers - Bob

    PS Ignore my previous comment about iView - I just noticed that you're doing this at home.

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML