GFI Software/GFI WebMonitor


http://www.gfi.com

GFI WebMonitor 2009 Online documentation

GFI WebMonitor is a comprehensive monitoring solution that enables users to monitor and control web traffic activity (browsing and file downloads) in real time. It also enables administrators to block active web connections as well as scan web traffic for malicious activity including viruses, trojans, spyware and phishing.



Aim

The aim of this book is to provide access to important information that can help users make the best use of GFI WebMonitor. Wikibookians are therefore encouraged to update this content and/or send feedback, ideas and comments on how this documentation can be further improved via the wiki discussion board, GFI Forums, or by sending an email to documentation@gfi.com.

All feedback is welcome! Please contribute your topics with the above principles in mind.

Introduction

Research by IDC shows that up to 40% of employee Internet access is non-work related. GFI WebMonitor is web security and Internet access control software that allows administrators to monitor employees' web browsing activities and ensure that any files downloaded are free of viruses and other malware.

How does GFI WebMonitor work?

Stage 1 - Request initiation

Users request a webpage or a download from the Internet. The incoming traffic generated by the user’s request is forwarded to GFI WebMonitor.

Stage 2 - Blacklist/Whitelist filtering

The internal GFI WebMonitor blacklist/whitelist filtering mechanism analyzes user IDs, IP addresses and requested URLs. GFI WebMonitor takes the following actions regarding blacklisted and whitelisted web traffic:

  • Web traffic requested by users whose IDs and/or IP addresses are blacklisted, as well as requests for blacklisted URLs, is rejected immediately.
  • Web traffic requested by users whose IDs and/or IP addresses are whitelisted, as well as requests for whitelisted URLs, is automatically granted access and forwarded to the user.
  • Web traffic requested by users whose IDs and/or IP addresses are neither blacklisted nor whitelisted, as well as requests for URLs which are neither blacklisted nor whitelisted, is forwarded to the WebFilter module for processing.

Stage 3 - WebFilter module

Analyzes uncategorized web traffic received from the blacklist/whitelist filtering mechanism against a list of categorized websites stored in the WebGrade database. Web traffic is blocked, allowed or quarantined according to the configured policies. Quarantined web traffic can be manually approved or rejected by the administrators at a later stage, according to the user’s needs and requirements. Approved quarantined URLs are moved to a temporary whitelist, a mechanism used to approve access to a site for a user or IP address for a temporary period.

NOTE: The WebFilter module is only available in the WebFilter Edition and the Unified Protection Edition of GFI WebMonitor. In the WebSecurity Edition, web traffic is sent directly from the whitelist/blacklist filtering mechanism to the WebSecurity module.

Stage 4 - WebSecurity module

Analyzes web traffic through the download control module and scans incoming material for viruses, spyware and other malware. Infected material is allowed, blocked and quarantined, or blocked and deleted, according to the configured policies. Web traffic is also scanned for phishing material against a list of phishing sites stored in the updatable database of phishing sites. Thus, web traffic generated from a known phishing element is rejected. Finally, the approved web material is forwarded to the user.

NOTE: The WebSecurity module is only available in the WebSecurity Edition and Unified Protection Edition of GFI WebMonitor. In the WebFilter Edition, WebSecurity processing is not performed, and web traffic is forwarded on to the user.

IMPORTANT: Forwarding of approved web material by GFI WebMonitor to the user depends on the network environment; i.e. where GFI WebMonitor is installed.

For more information on GFI WebMonitor, refer to How does GFI WebMonitor work?
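
The four stages above, modelled as a small decision function. This is an added illustration, not GFI code: checking the blacklist before the whitelist, treating a temporary-whitelist entry like a whitelist hit, and every sample name are assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class Policy:
    edition: str                                    # "WebFilter", "WebSecurity" or "Unified"
    blacklist: set = field(default_factory=set)     # user IDs, IP addresses or URLs
    whitelist: set = field(default_factory=set)
    temp_whitelist: dict = field(default_factory=dict)   # (user, url) -> expiry time
    categories: dict = field(default_factory=dict)       # stand-in for WebGrade: url -> category
    category_action: dict = field(default_factory=dict)  # category -> "block" / "quarantine"
    phishing: set = field(default_factory=set)
    infected_action: str = "block and quarantine"

def decide(p, user, ip, url, now=0, infected=False):
    """Return (deciding stage, verdict) for one request."""
    keys = {user, ip, url}
    # Stage 2: assumption - the blacklist is consulted before the whitelist.
    if keys & p.blacklist:
        return ("blacklist", "reject")
    if keys & p.whitelist:
        return ("whitelist", "allow")   # forwarded without stages 3 and 4
    # Assumption: an unexpired temporary-whitelist entry behaves like a whitelist hit.
    if p.temp_whitelist.get((user, url), 0) > now:
        return ("temporary whitelist", "allow")
    # Stage 3: skipped in the WebSecurity Edition.
    if p.edition in ("WebFilter", "Unified"):
        action = p.category_action.get(p.categories.get(url), "allow")
        if action != "allow":
            return ("WebFilter", action)
    # Stage 4: skipped in the WebFilter Edition.
    if p.edition in ("WebSecurity", "Unified"):
        if url in p.phishing:
            return ("WebSecurity", "reject")
        if infected:
            return ("WebSecurity", p.infected_action)
    return ("forwarded", "allow")

def approve_quarantined(p, user, url, now, ttl):
    """Administrator approval: grant temporary access to a quarantined URL."""
    p.temp_whitelist[(user, url)] = now + ttl

def sample_policy(edition):
    # Constructed sample data; none of these names come from the product.
    return Policy(edition, blacklist={"10.0.0.66"}, whitelist={"partner.example"},
                  categories={"games.example": "games", "forum.example": "forums"},
                  category_action={"games": "block", "forums": "quarantine"},
                  phishing={"login-check.example"})
```

In this model a whitelist hit returns before the WebSecurity stage, matching the description that whitelisted traffic is "automatically granted access and forwarded to the user", so a broad whitelist entry also removes that traffic from scanning.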

GFI WebMonitor versions

GFI WebMonitor is available in the following versions:

  • GFI WebMonitor Standalone: This version allows administrators to monitor and control web-traffic activity on networks that do not have a web-proxy deployed. This version comes with a built-in web proxy and can be installed as a gateway or as a proxy server. To deploy GFI WebMonitor in Gateway mode, two network interface cards are required. To deploy GFI WebMonitor in Proxy Server mode, a router that supports traffic forwarding and port blocking is required.
  • GFI WebMonitor for ISA/TMG: This version allows administrators to monitor and control web-traffic activity on networks that are running Microsoft ISA/TMG web proxy.

Getting Started Guide for GFI WebMonitor Standalone

The aim of the GFI WebMonitor Getting Started Guide is to help you install GFI WebMonitor in Gateway mode or Simple Proxy mode on your network with minimum configuration effort. It describes:

  • The different environments supported by GFI WebMonitor.
  • How to install and configure GFI WebMonitor in Gateway mode.
  • How to install and configure GFI WebMonitor in Simple Proxy mode.
  • A high-level overview of the user console.
  • How to get GFI WebMonitor running on default settings.
  • How to configure Traffic forwarding and Port blocking on commonly used routers.
  • Troubleshooting common issues.

The following links enable you to browse the GFI WebMonitor Getting Started Guide.

Chapter 1: Introduces the Getting Started Guide and provides information on GFI WebMonitor version

Chapter 2: About GFI WebMonitor standalone version

Chapter 3: Installing GFI WebMonitor in Gateway mode

Chapter 4: Installing in Simple Proxy mode

Chapter 5: Customizing Proxy settings

Chapter 6: Uninstalling GFI WebMonitor

Chapter 7: Launching GFI WebMonitor

Chapter 8: Miscellaneous

Chapter 9: Troubleshooting

Chapter 10: Glossary

GFI WebMonitor Getting Started Guide for ISA and TMG

The aim of the GFI WebMonitor Getting Started Guide is to help you install GFI WebMonitor as an Add-on over Microsoft ISA/TMG. It describes:

  • How GFI WebMonitor works.
  • How to install and uninstall GFI WebMonitor.
  • A high-level overview of the user console.
  • How to get GFI WebMonitor running on default settings.
  • Troubleshooting information on common issues.

The following links enable you to browse the GFI WebMonitor Getting Started Guide.

Chapter 1: Introduces the Getting Started Guide and provides information on GFI WebMonitor version

Chapter 2: About GFI WebMonitor ISA and TMG version

Chapter 3: Installing GFI WebMonitor

Chapter 4: Uninstalling GFI WebMonitor

Chapter 5: Launching GFI WebMonitor

Chapter 6: Miscellaneous

Chapter 7: Troubleshooting

Chapter 8: Glossary

Administration and Configuration Manual for GFI WebMonitor Standalone

The aim of the GFI WebMonitor Administration and Configuration Manual is to help you use and configure GFI WebMonitor when installed as a network Gateway or a Proxy server. It describes:

  • How to use GFI WebMonitor dashboard.
  • How to monitor internet activity.
  • How to configure Whitelist and Blacklist.
  • How to configure WebFilter and WebSecurity editions.
  • How to configure GFI WebMonitor proxy settings.
  • How to configure GFI WebMonitor Quarantine.
  • Troubleshooting information on common issues.

The following links enable you to browse the GFI WebMonitor Administration and Configuration manual.

Chapter 1: Introduces the Administration and Configuration manual and provides information on GFI WebMonitor version

Chapter 2: Using the GFI WebMonitor dashboard

Chapter 3: Monitoring Internet activity

Chapter 4: Allowing and blocking users, IP addresses and sites

Chapter 5: WebFilter Edition - Site rating and content filtering

Chapter 6: WebSecurity Edition - File scanning and download control

Chapter 7: Configuring GFI WebMonitor

Chapter 8: Quarantine

Chapter 9: Miscellaneous

Chapter 10: Troubleshooting

Chapter 11: Glossary

GFI WebMonitor Administration and Configuration Manual for ISA and TMG

The aim of the GFI WebMonitor Administration and Configuration Manual is to help you use and configure GFI WebMonitor when installed as an Add-on to Microsoft ISA/TMG. It describes:

  • How to use GFI WebMonitor dashboard.
  • How to monitor internet activity.
  • How to configure Whitelist and Blacklist.
  • How to configure WebFilter and WebSecurity editions.
  • How to configure GFI WebMonitor Quarantine.
  • Troubleshooting information on common issues.

The following links enable you to browse the GFI WebMonitor Administration and Configuration manual.

Chapter 1: Introduces the Administration and Configuration manual and provides information on GFI WebMonitor version

Chapter 2: Using the GFI WebMonitor dashboard

Chapter 3: Monitoring Internet activity

Chapter 4: Allowing and blocking users, IP addresses and sites

Chapter 5: WebFilter Edition - Site rating and content filtering

Chapter 6: WebSecurity Edition - File scanning and download control

Chapter 7: Configuring GFI WebMonitor

Chapter 8: Quarantine

Chapter 9: Troubleshooting

Chapter 10: Glossary

Troubleshooting

This section explains how you should go about resolving issues that you might encounter while using GFI WebMonitor. The main sources of information available are:

  • The manual - most issues can be solved by reading the GFI WebMonitor manual.
    Download product manuals from www.gfi.com.
  • GFI Knowledge Base articles
    GFI maintains a Knowledge Base, which includes answers to the most common problems. If you have a problem, please consult the Knowledge Base first. The Knowledge Base always has the most up-to-date listing of technical support questions and patches. To access the Knowledge Base, visit http://kbase.gfi.com/.
  • Web forum
    User-to-user technical support is available via the web forum. The forum can be found at http://forums.gfi.com/.
  • Contacting GFI Technical Support
    If you still cannot solve issues with the software, contact the GFI Technical Support team by filling in an online support request form or by phone.
    NOTE: Before you contact our Technical Support team, please have your Customer ID available. Your Customer ID is the online account number that is assigned to you when you first register your license keys in our Customer Area at https://customers.gfi.com/login.aspx.
    GFI support will answer your query within 24 hours or less, depending on your time zone.

Common issues

Issue encountered: Users are not able to browse and/or download from the Internet after installing GFI WebMonitor as a standalone proxy version.
Solution: After the installation, the GFI WebMonitor proxy machine has to be configured to listen for incoming connections. Internet browsers on client machines have to be configured to use the GFI WebMonitor proxy machine as the default proxy. In the event that the users are still not able to browse and/or download from the Internet, add an exception rule in the firewall on the GFI WebMonitor proxy machine to allow incoming TCP traffic on port 8080.

Issue encountered: Client browsers are still retrieving old proxy Internet settings although the browsers are configured to automatically detect settings.
Solution: Internet Explorer may not refresh cached Internet settings, so client browsers will retrieve old Internet settings. Refreshing settings is a manual process on each client browser. Refer to Microsoft article

Issue encountered: When installing GFI WebMonitor standalone version, users are still required to authenticate themselves manually when browsing, even when Integrated authentication is used.
Solution: Integrated authentication will fail when GFI WebMonitor is installed on a Microsoft Windows XP Pro machine that has never been joined to a Domain Controller and where the Network access setting is set to Guest only - local users authenticate as Guest.

Issue encountered: When installing GFI WebMonitor standalone version, Mozilla Firefox browsers are repeatedly asked to key in credentials.
Solution: The server and the client machine will use NTLMv2 for authentication when:
  • GFI WebMonitor is installed on Microsoft Windows Server 2008 and LAN Manager authentication security policy is defined as Send NTLMv2 response only
  • The client machine LAN Manager is not defined (this is the default setting in Microsoft Windows 7)
NTLMv2 is not supported in Mozilla Firefox and the user's browser will repeatedly ask for credentials.

To solve this issue, do one of the following:

  1. Navigate to Configuration > Proxy Settings.
  2. In the Network Configuration area select the Use WPAD for network clients checkbox.
  3. Select Publish the host name of the GFI WebMonitor proxy in WPAD.

Or change the authentication mechanism on either of the following:

On GFI WebMonitor server (Microsoft Windows Server 2008):

  1. Navigate to Start > Administrative Tools > Local Security Policy.
  2. Expand Local Policies > Security Options.
  3. Right-click Network Security: LAN Manager authentication level from the right panel and click Properties.
  4. Select Local Security Setting tab in the Network Security: LAN Manager authentication level Properties dialog.
  5. Select Send LM & NTLM - use NTLMv2 session security if negotiated from the Network security drop-down list.
  6. Click Apply and OK.
  7. Close Local Security Policy dialog.
  8. Close all open windows.

Client machines (Microsoft Windows 7) using Active Directory GPO:

  1. Navigate to Start > Control Panel > System and Security > Administrative Tools > Local Security Policy.
  2. Expand Local Policies > Security Options.
  3. Right-click Network Security: LAN Manager authentication level from the right panel and click Properties.
  4. Select Local Security Setting tab in the Network Security: LAN Manager authentication level Properties dialog.
  5. Select Send LM & NTLM - use NTLMv2 session security if negotiated from the Network security drop-down list.
  6. Click Apply and OK.
  7. Close Local Security Policy dialog.
  8. Close all open windows.

For more information refer to GFI Kbase