does anyone know of some good software to monitor employee internet usage?

some on the office pcs are fast, i7s others are very slow, old pentium IIIs or worse. so program should have little system requirements if possible.

network is a small business network controlled by a pc using vista business 64 bit.

employee terminals can connect to internet weather or not connected to server. older terminals use 32 bit xp pro new ones 64 bit win 7 pro.

thanks for the help.

Webspy?

or if you just don't want them on the internet you can remove the gateways and stop it alltogether, but that would be drastic measure.. i had to use it at my old job cause employees spent more time on the net than doing their work..

I'm using Websense, but it is WAAY too pricey for a small business...Not sure of any cheaper, smaller scale ones though..

F websense, that frikkin opressive application.....My company uses that and they have blocked so much crap its unbelieveable. Just yesterday they blocked CNN and foxnews b/c of streaming content when streaming doesnt even work when it wasnt blocked!!!

it doesn't need to block anything. we will probably just let employees know they are being monitored and hope that stops them browsing web at work for non work related issues. pretty much just want computer to keep log of whats been done on each pc regardless of how user sets internet options in browser.


none of the terminals have accounts set up. everyone just logs in as administrator. want to keep it like that. no ones that computer savvy.

something cheep and not to system intensive is what I'm looking for.

My workplace had a month long audit done earlier this year, and Facebook was far and wide the most visited site. We discovered a few employees who were literally on there all day long. We dont mind our employees surfing the web, but the Facebook rage put it out of hand. Just by blocking that site, everything is back under control.

www.untangle.com on a okay PC and your golden.

OpenDNS. they keep track of any and all websites visited from your IP.

it doesn't need to block anything. we will probably just let employees know they are being monitored and hope that stops them browsing web at work for non work related issues. pretty much just want computer to keep log of whats been done on each pc regardless of how user sets internet options in browser.


none of the terminals have accounts set up. everyone just logs in as administrator. want to keep it like that. no ones that computer savvy.

something cheep and not to system intensive is what I'm looking for.

If you are not going to block anything, then why not just have each employee sign a written letter indicating their acknowledgement of the "new" company internet policy and monitoring etc....Fake it....

If you want to know about where the employees are going....FACEBOOK Period.

Also Websense is expensive, hard to learn, difficult to put into place, and uses EXPENSIVE servers to run.....But it works good. When I decieded to use it, I had to install it myself (tech support sucks) then basically learn by trial and error. Bought a new Dual Quad HP G6, and $7k in licenses....But it works

F websense, that frikkin opressive application.....My company uses that and they have blocked so much crap its unbelieveable. Just yesterday they blocked CNN and foxnews b/c of streaming content when streaming doesnt even work when it wasnt blocked!!!

Try using "https" instead of http for the websites you want to visit. Most companies haven't found a way to block the secure sites with Websense...SHhhh our secret

What:

1. Install proxy
2. Point browsers to proxy
3. Review browsing activity

How:

1. Install squid on the server. Download and instructions:
http://squid.acmeconsulting.it/Squid27.html

2.easy. Configure the browsers to point to the squid proxy:
http://wiki.squid-cache.org/SquidFaq/ConfiguringBrowsers

Or

2.complex. Configure the firewall to send all port 80 traffic to squid proxy (requires no browser configuration, users would have a hard time circumventing this even tho they have local admin rights). This would require port forwarding to be setup on the firewall/router, going to the squid server, and then going out to the internet - the squid server would need to be between the firewall/router and the internet. This wouldn't work on a machine on the same part of the network as the rest of the machines.

3. Have employees sign new internet policy, noting that internet browsing will be monitored. Seeing as how they are all local admins, if they change their browser setting to not point to proxy, this will be obvious when you observe the proxy logs. This is an easy social problem to resolve - they agreed to the internet policy, violating it gets a written warning on their file. Repeated violations will be dealt with as is necessary.

4. Use log analyzer to make sense of squid logs:
http://www.squid-cache.org/Scripts/

Why:

This is simple enough to be worthwhile and provide a reasonable amount of control compared to the current wide open configuration. It makes abusing their internet rights a big enough inconvenience that it will deter all but the most determined employees. Anyone abusing it considerably will stick out in the proxy logs.

along with squid, you can install dansguardian for content filtering abilities.

I've used the open source edition of smoothwall and along with the dansguardian mod it works pretty well.

1. Install proxy
2. Point browsers to proxy
3. Review browsing activity


This would be a good method, although it would require changing the physical layout of the network, depending on how many computers you are talking about here this might be a difficult task. It would however be a great way to monitor employee traffic.

You wouldn't have to reconfigure the physical layout of the network to do that. Just point all browsers to one machine running the proxy, configure the proxy machine to go out through internet.

Ideally though, you are right and the proxy would be in a part of the network that the users couldn't avoid... Just not absolutely necessary to do it that way. If you view the logs and see people are changing their setting to avoid the proxy, you could try to handle that through social means rather than technical. (formal warnings, reprimand, etc)

Yeah, to tell you the truth most users wouldn't have the slightest idea as to how to change the settings on their browser, or even be able to tell that their machine was pointing to a proxy in the first place.

In our forensic lab at school we were behind an actual physical proxy, the switch pointed right to the proxy machine, so internet connection could be killed completely to all machines.

Work Examiner.