cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
362
Views
5
Helpful
4
Replies

How to monitor Internet usage (web) with PIX installed

spejic
Level 1
Level 1

Hello all,

I am hoping you could recommend an appropriate solution for the following situation:

I have a customer who would like be able to occasionally monitor how his staff uses the Internet - basically which sites they are visiting and how much time they spend on these sites... no detailed reports would be required, just occasional monitoring. Obviously, their PIX 501 would have to be the source of the information.. I am assuming there would be an application out there (commercial or freeware) that would collect & analyze related PIX logs and translate them into an easily understandable form and advise of Web usage.

Any recommendations / advice will be MUCH apprechiated!

Thanks in advance,

Sean

1 Accepted Solution

Accepted Solutions

It does resolve the DNS and it links out to WHOIS Database from the reports to resolve outside IPs, you can set how long to keep the DNS Cache TTL (helpdful with internal DHCP clients). If you go to the web site they show a sample On Demand report. You can customize the reports to show specific traffic/events. Also you can analyze traffic for individual IPs and each report has links to explain the Syslog events. You can have the report emailed on a schedule basis.

View solution in original post

4 Replies 4

jmacdonald
Level 1
Level 1

I use FIREGEN FOR PIX LOG ANALYZER http://www.eventid.net/firegen/firegenpix2.asp

I beleive there is a 30 day evaluation copy at their site, found it works best in conjuntion with KIWI syslogd.

Thank you for you reply.

Does this program actually resolve IP addresses to the corresponding DNS names (so that the person monitoring the traffic can see which websites have been / are being visited that day..)

It does resolve the DNS and it links out to WHOIS Database from the reports to resolve outside IPs, you can set how long to keep the DNS Cache TTL (helpdful with internal DHCP clients). If you go to the web site they show a sample On Demand report. You can customize the reports to show specific traffic/events. Also you can analyze traffic for individual IPs and each report has links to explain the Syslog events. You can have the report emailed on a schedule basis.

Thank you for your help!!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: