Getting Started

Here’s some information to help you get up and running with Fastvue TMG Reporter. If you have any issues, please don’t hesitate to get in touch.

What you’ll need

  • Microsoft Threat Management Gateway (Standard or Enterprise edition).
    • Your TMG server must be logging to either the default SQL Express, or to W3C text logs. (W3C is recommended for a faster import speed).
  • Server to host Fastvue TMG Reporter
    • This machine must be running Windows Server 2008 R2 (Recommended), Windows 7, or Windows Server 2003. It is also recommended that the operating system is the 64 bit edition.* It is possible to install the TMG Reporter on your TMG server, however this is not recommended. TMG Reporter installs a web server (IIS) and this may increases the attack surface of your firewall if not properly secured. We allow this option for convenience while testing, but we do not recommend installing TMG Reporter on your TMG server in a production environment.
    • 4 GB of RAM or more. Quad-core CPU or higher.
      * for a light-load or test server (less than 30 networked machines), the software should run fine with 2GBs of RAM and dual-core CPU.

Also see Fastvue TMG Reporter’s System Requirements Explained.

Getting Started Video

This video takes you through the installation and setup process for Fastvue TMG Reporter.

Installing Fastvue TMG Reporter

The installer you downloaded allows you to install Fastvue TMG Reporter, the Fastvue Arbiter or both.

  1. Install the Fastvue Arbiter on your TMG server. The Arbiter connects to your logs and communicates with the Dashboard.
  2. Install Fastvue TMG Reporter on your designated ‘TMG Reporter’ Server (see ‘What you’ll need’ section above).
  3. Create the appropriate firewall rules on your TMG server:
    • If TMG Reporter is NOT installed on the TMG server (recommended):
      Create a firewall rule on the TMG server to allow communication between the Fastvue Arbiter and TMG Reporter. Allow TCP 49361 Outbound from Computer Object (TMG Reporter server) to Localhost. Click here for detailed instructions on adding the Fastvue Arbiter Access Rule.
    • If TMG Reporter IS installed on the TMG server:
      Add a firewall rule to allow http access to the TMG server from your internal network. Allow port 80 incoming from Internal network.
      * Note: It is generally not good practice to run a web server on your firewall. We support the ability to install TMG Reporter on your TMG server for convenience while testing, but we highly recommend using a separate web server in a production environment.
  4. Once both the Arbiter and TMG Reporter are installed and the firewall rules have been created, open your browser (make sure it’s the latest version for best performance), browse to Fastvue TMG Reporter (e.g.http://10.1.1.1/tmgreporter), add your TMG server and you’re away.

FAQs

What is the Fastvue Arbiter?

The Fastvue Arbiter is an agent that runs on the TMG server. It’s purpose is to access your logs and communicate with the Fastvue TMG Reporter server. At the moment it only works with TMG’s default SQL Express logs and W3C text logs (not TMG’s IIS logs, or separate SQL database).  The Arbiter and Dashboard communicate on a specific port (49361) which you can add an explicit access rule for in TMG.

We developed the system this way to maintain the security integrity of your TMG server. The alternative is to either open file shares, or enable network access to TMG’s SQL Express database.  Both of these options increase the attack surface of the TMG firewall. So in consultation with TMG experts (such as Richard Hicks – tmgblog.richardhicks.com), we decided the best option is to create a small footprint agent to run on the TMG server.

What is Fastvue TMG Reporter?

TMG Reporter consists of both a website (runs on Microsoft’s IIS Web Server) as well as a Windows service that runs constantly in the background importing and analyzing your TMG log files. When you install TMG Reporter, a web server (Microsoft IIS) will also be installed and configured. You can then browse to the website you specify during installation to monitor your network statistics and view alerts.

Can I run the Fastvue Dashboard on the TMG server?

Although it is technically possible to run the Dashboard on the TMG server, we do not recommend it especially in a production environment. TMG is a firewall, and it is good practice not to install other services and application as it increases the number of possible attack vectors. There can also be issues with port conflicts when running IIS on your TMG server as other applications and services such as Web Proxy Auto Discovery may also try to use port 80.

Something is not working, what should I do?

Visit our Support Portal. Here you can search our knowledge base, post a question, send us an email or engage us in a live chat.