• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Capturing Barracuda Web Filter Activity in Reports
 

Capturing Barracuda Web Filter Activity in Reports

on

  • 1,278 views

 

Statistics

Views

Total Views
1,278
Views on SlideShare
1,278
Embed Views
0

Actions

Likes
0
Downloads
4
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Capturing Barracuda Web Filter Activity in Reports Capturing Barracuda Web Filter Activity in Reports Document Transcript

    • Capturing Barracuda Web Filter Activity in Reports IT and HR administrators often require detailed information about the Internet usage behavior of RELEASE 2 users in the network to budget computing resources and ensure adherence to corporate policies. In addition to its powerful Web filtering and malware protection capabilities, the Barracuda Web Filter NOVEMBER 2009 allows administrators to generate more than 45 different reports on Internet activity. Reports can be generated on users’ Web browsing activity, by domains and content categories, by time spent online, or by their bandwidth consumption. Having a comprehensive, flexible and easy-to-use native reporting engine enables the Barracuda Web Filter to offer a fully integrated solution. Generating reports is simple. After simply selecting the time period, report type and format, administrators can view reports immediately. Alternatively, reports can be scheduled for automatic email delivery or archived to a network share over standard protocols such as FTP and SMB/CIFS. Additional filters can be applied to generate reports for a specific user/group, domain or category. Comprehensive • Reports on all aspects of monitored online activity. • Reports can be based on User Activity, Domains, Categories or Action taken. • Web requests, bandwidth usage, policy violations and Spyware activity presented in tabular and graphical form. • Applicable to IT Administrators, HR departments, executive management and other compliance functions. Flexible • Generate one-time reports or schedule automatic delivery on a daily, weekly or monthly basis. • Optional filtering by Source (Name, IP or User Group) of traffic or by Destination (Domain, Category). • Transparent integration with LDAP/AD or other authentication services. • Email delivery or archival to network shares over FTP or SMB/CIFS. • HTML, PDF, Text or CSV formats. • Interactive drill-down by Users, Categories, Domains, Time. • Automatically generated Content and Application Logs that track online activity in real-time. • Near real-time exporting of Syslog messages. • Batch exports of Web traffic log files for reporting in other applications. Easy-to-Use • Native reporting engine that does not require separate clients or database management. • Simple and intuitive Web user interface. Business Drivers for Reporting Network administrators are concerned with monitoring and optimizing computing and bandwidth resources across the organization. The vulnerability of the network to security risks is also a major concern. An administrator could be interested in monitoring how bandwidth is utilized, daily Internet usage patterns, infection activity and efficiency of Web filtering systems. On the other hand, human resources administrators are concerned with regulating Internet activity across the organization to minimize inappropriate content and loss of productivity. Human resource management is often tasked with ensuring that users are protected against security risks and inadvertent misuse of the Internet. Web Activity by Users A major issue facing organizations today is the increasing level of leisure browsing from within the workplace. This can lead to loss of productivity or even risk legal action from exposing users to objectionable content. The latter concern is particularly applicable to educational institutions that are legally obligated to regulate Internet access to inappropriate sites. Web sites can also host malicious applications such as spyware or viruses. Even apparently harmless Web sites can be compromised to host malware exposing organizations to significant security risks. Also, increased levels of leisure browsing can adversely impact bandwidth resources. With the popularity of tabbed browsers and streaming content, IT administrators are constantly contending with lack of bandwidth for mission-critical applications. A granular view into user Internet behavior can help optimize available network resources and also budget for future growth and scalability. 1
    • Barracuda Networks Capturing Barracuda Web Filter Activity in Reports The Barracuda Web Filter offers several reports to track Internet activity by users. Requests based reports help track users by the domains requested. These reports can be further filtered to identify users with the most number of blocked requests or users requesting domains within an objectionable category. Administrators can also track users and even machines in terms of the bandwidth consumed or by the amount of time spent online, or in individual browsing sessions. There are also security focused reports that let you identify users that requested known malware sites. These reports can help answer questions such as: • Which users are spending the most time online? • How much time did an individual user spend online last week and on which Web sites? • Which users are most responsible for bandwidth overutilization? Report types include: Report Type Description Users by Requests Lists Users in terms of number of Web requests recorded Users by Bandwidth Lists Users in terms of the bandwidth consumed Users by Time Spent List of commonly blocked content categories and the number of blocked requests Users by Session Time Lists Users in terms of individual browsing Session Times Users by Sessions Lists Users in terms of the number of browsing Sessions Sessions by User Lists individual session start and end times for users Clients by Bandwidth Lists machines (IP addresses) in terms of the bandwidth consumed Users by Spyware Requests Lists Users in terms of requests to known Spyware sites Source IPs by Requests Lists machines (IP addresses) in terms of the number of Web requests recorded Destination IPs by Requests Lists Web destinations (IP addresses) in terms of the number of Web requests recorded User Activity Log Detailed chronological log of Web requests made by users showing URLs, source machines and user details Requests by User Simplified version of the User Activity Log Applications by Requests Lists the Web Applications used in terms of number of requests Web Activity by Domains/Categories Another aspect to monitoring Internet usage is determining Web domain or categories that are requested most often, browsed for the longest time, subject to policy violations or consume the most bandwidth. While designing network usage policy, administrators have to often strike a balance between regulating access while not being overly restrictive. To do this, it is useful to understand which domains or categories are most popular among the users and then design policy to provide an appropriate level of access. For example, a network administrator could estimate that bandwidth usage is at a peak during certain hours and apply a restrictive policy then but allow access to some popular leisure sites, like personal email, during off-peak hours. Domains/Category based reports can be filtered for specific users of groups and they help address questions such as: • What are the most popular domains or categories among users? • How much time are my users spending on non-business related activity? • How much time did an individual user spend last week on social networking sites? • How much bandwidth is required for the coming year to support the corporate network? 2
    • Barracuda Networks Capturing Barracuda Web Filter Activity in Reports The following Barracuda Web Filter reports allow administrators to identify the most popular online content within their users: Report Type Description Domains by Requests List of domains in terms of number of Web requests recorded Domains by Bandwidth List of domains in terms of bandwidth consumed Domains by Session Time List of domains that incurred the longest browsing sessions Domains by Time Spent List of domains that were browsed for the longest total time Domains by Sessions List of domains in terms of the number of browsing sessions Domains by Users List of domains in terms of the users requesting them Sessions by Domain List of domains with individual session start and end times Categories by Requests List of categories in terms of number of Web requests recorded Categories by Bandwidth List of categories in terms of Bandwidth utilized Categories by Session Time List of categories that involved the longest browsing sessions Categories by Time Spent List of categories that were browsed for the longest time Categories by Sessions List of categories in terms of the number of browsing sessions Categories by Users List of categories in terms of the users requesting them Sessions by Categories List of categories with individual session start and end times Trends In addition to detailed Web browsing activity, you can also view trends over time. Trends include bandwidth usage, aggregate number of Web requests and policies. You can also monitor the volume of traffic processed by the Barracuda Web Filter using the TCP Connections report to estimate if the Barracuda Web Filter is operating within recommended performance limits. Trend reports are useful to characterize Internet usage across time or budget network resources. For example, an IT administrator can understand when bandwidth utilization peaks and balance traffic accordingly across multiple connections, data-paths or locations. Report Type Description Bandwidth by Date Bandwidth Usage for each hour in the time frame Bandwidth by Time of Day Combined Bandwidth Usage by time of day across the time frame Requests by Date Number of requests for each hour in the time frame Requests by Time of Day Combined number of requests by time of day across the time frame TCP Connections Usage Total number of Active TCP Connections for each hour in the time frame Browse Time by Date Combined total time spent online by users for each hour in the time frame Actions by Date Web requests broken down by the types of Actions (Allowed, Blocked, Warned, Monitor) for each hour in the time frame Actions by Time of Day Web requests broken down by the types of Actions (Allowed, Blocked, Warned, Monitor) for each hour in the time frame Infection Activity A major concern for Network Administrators is network security and protection from Web-based malware attacks. The Barracuda Web Filter prevents harmful downloads from the Internet as well as detects spyware activity from infected client machines. Spyware Infection Activity reports detail any detected spyware infections on client computers as well as harmful downloads that were prevented by the Barracuda Web Filter. Using these reports, Network Administrators can monitor the health of their network, detect vulnerabilities early, and design preventive and corrective measures. 3
    • Barracuda Networks Capturing Barracuda Web Filter Activity in Reports These reports help answer questions such as: • Are any of my machines infected with spyware applications? • Are my users accessing too many spyware sites? The available reports are: Report Type Description Infected Clients IP addresses of machines from which requests were made to known Malware sites Infections A list of infections seen during the time frame Spyware Sites A list of known Spyware domains requested Summary Reports To summarize information provided in the detailed reports, the Barracuda Web Filter provides aggregated views of user and domain activity. The following report types provide summary statistics that are typically useful to obtain a snap-shot of user Internet activity: Report Type Description User Activity Lists the users as per the number of requests allowed or blocked Bandwidth use by Category Total Bandwidth used by each category Time Spent by Category Total time spent on each category Total Bandwidth Total bandwidth consumed Total Web Requests Total number of Web Requests Total Time Spent Total Web browsing time Activity Summary Aggregate Activity Summary of users showing Domains by Requests, number of requests by date, Bandwidth by date, and domains visited most often “Domains by Time Spent” report for a specific LDAP user showing the sites visited by a specific user in the order of total time spent on each site. 4
    • Barracuda Networks Capturing Barracuda Web Filter Activity in Reports “Requests by User” report for all users showing the sites visited in chronological order. For questions about the Barracuda Web Filter, please visit http://www.barracuda.com/webfilter or call Barracuda Networks for a free 30-day evaluation at 1-888-ANTI-SPAM or +1 408-342-5400. For more information on our other security and productivity solutions, please visit http://www.barracuda.com/products. About Barracuda Networks Inc. Barracuda Networks Inc. combines premise-based gateways and software, cloud services, and sophisticated remote support to deliver comprehensive security, networking and storage solutions. The company’s expansive product portfolio includes offerings for protection against email, Web and IM threats as well as products that improve application delivery and network access, message archiving, backup and data protection. Coca-Cola, FedEx, Harvard University, IBM, L’Oreal, and Europcar are among the more than 100,000 organizations protecting their IT infrastructures with Barracuda Networks’ range of affordable, easy-to- deploy and manage solutions. Barracuda Networks is privately held with its International headquarters in Campbell, Calif. For more information, please visit www.barracudanetworks.com. Barracuda Networks 3175 S. Winchester Boulevard Campbell, CA 95008 United States +1 408.342.5400 www.barracuda.com info@barracuda.com 5