Fastvue Reporter for SonicWall – Installation and Setup

Setup Instructions for New Installations

1. Download and Install

Download Fastvue Reporter for SonicWall and install on a machine (or virtual machine) that meets our recommended requirements for your network size.

DO NOT INSTALL FASTVUE REPORTER ON YOUR SONICWALL GMS SERVER unless you know what you’re doing. Fastvue Reporter installs a website running on port 80 which may conflict with the GMS web interface.

Fastvue Reporter is designed for 64 bit Windows Server Operating Systems running Windows Server 2008 R2 or above (will also run on Windows 7, Windows 8 or above, but a server OS is preferred). The Web Server and Application Server Roles (.NET 3.5 and IIS) will be automatically installed and configured.
Network Size Recommended Server Specification
Less than 500 Users 4 CPUs/Cores, 6 GB RAM
500 – 1000 Users 4 CPUs/Cores, 8 GB RAM
1000 – 3000 Users 8 CPUs/Cores, 12 GB RAM
3000 – 5000 Users 8 CPUs/Cores, 16 GB RAM
5000+ Users 16 CPUs/Cores, 24 GB RAM

* Virtual environments are recommended so you can scale the resources as required.

The default data retention policy in Fastvue Reporter is 90 days or 50 GB, whichever comes first. This can be adjusted in Settings | Data Storage.

The amount of data stored per day will vary depending on the amount of traffic flowing through your SonicWall. Check the amount of data in Settings | Data Storage after one day of installing to see if you need to make adjustments to the data retention policy.

2. Configure SonicWall Syslog

Configure SonicWall to send Network and Web Traffic events via Syslog to the Fastvue Reporter machine.

  1. Go to Manage | Log Settings | Syslog and set the Syslog Format to Enhanced Syslog
  2. Click the Enhanced Syslog Fields Settings: button and check all the available fields.
  3. Under the Syslog Servers section, add your Fastvue server as a syslog server.
    SonicWall SonicOS 6.5 Syslog Settings
  4. Go to Manage | Log Settings | Base Setup and expand the Log | Syslog section. Check the Syslog column for the Syslog Website Accessed events. Set the priority to Informational.
  5. Still in Manage | Log Settings | Base Setup, expand Security Services | Content Filter and check the Syslog column for Website Accessed & Website Blocked events, again making sure the priority is Informational
    SonicWall 6.5 Syslog Settings Base Setup
  6. Still in Log | Settings, expand Network | Network Access and check the Syslog option for Connection Closed, Web Request Receiver and Web Request Drop events, again making sure the priority is Informational
    SonicWall 6.5 Network Access Syslog Events
  7. Ensure you have SonicWall’s Content Filtering Services (CFS) enabled and active in Security Services | Content Filter.
    SonicWall SonicOS 6.5 Enable Content Filtering Services CFS

We also recommend deploying SonicWall’s DPI-SSL feature for reporting an alerting on HTTPS traffic such as Google Searches and YouTube videos.

  1. If you are running 6.2.6.0-20n, request hotfix 6.2.6.0-20n–HF176616-1n from SonicWall support to fix a critical logging bug. This fix will be included in 6.2.6.1 generally.
  2. Go to Log | Syslog and set the Syslog Format to Enhanced Syslog
  3. Under the Syslog Servers section, add your Fastvue server as a syslog server.
    SonicWall Syslog Configuration for SonicOS 6.2.6.0
  4. Go to Log | Settings and expand the Log | Syslog section. Check the Syslog option for the Syslog Website Accessed events. Set the priority to Informational.
  5. Still in Log | Settings, expand Security Services | Content Filter and check the Syslog option for Website Accessed & Website Blocked events, again making sure the priority is Informational
    SonicWall Log Settings SonicOS 6.2.6.0
  6. Still in Log | Settings, expand Network | Network Access and check the Syslog option for Connection Closed, Web Request Receiver and Web Request Drop events, again making sure the priority is Informational
    SonicWall Log Settings Network Access SonicOS 6.2.6.0
  7. Ensure you have SonicWall’s Content Filtering Services (CFS) enabled and active in Security Services | Content Filter.
    SonicWall Enable CFS SonicOS 6.2.6.0
  1. Go to Log | Syslog and check the Override Syslog Settings with Reporting Software Settings checkbox and click Accept. This option fixes an issue where URL Categories are not logged for Allowed traffic. Read more.
  2. Under the Syslog Servers section, add your Fastvue server as a syslog server.
    SonicWall Syslog Configuration For SonicOS 5.9
  3. Go to Log | Settings and expand the Log | Syslog section. Check the Syslog option for the Syslog Website Accessed events. Set the priority to Informational.
  4. Expand Network | Network | Network Access and check the Syslog option for Website Blocked & Website Accessed events, again making sure the priority is Informational
  5. Ensure you have SonicWall’s Content Filtering Services (CFS) enabled and active in Security Services | Content Filter, either via App Rules or Zones and Interfaces, and that you have an App Rule or Zone configured to use CFS.
  1. Go to Log | Syslog and ensure the Syslog Format is set to Default
  2. Under the Syslog Servers section, add your Fastvue server as a syslog server.
  3. Go to Log | Categories and ensure the logging level is set to Informational
  4. In the Categories section, check the Syslog checkbox for the Network Traffic events.
  5. Ensure you have SonicWall’s Content Filtering Services (CFS) enabled and active in Security Services | Content Filter, and that CFS is applied to one of your zones in Network | Zones
Add A SonicWall Syslog Source in Fastvue Reporter

3. Add a Source

Add the SonicWall as a Source in Fastvue Reporter. This can be done on the start page that is presented after installation, or in Settings | Sources | Add Source.

4. Enjoy!

It may take 10-20 seconds before the first records are imported. You can watch the records and dates imported in Settings | Sources. Once records start importing, you can go to the Dashboard tab to see your live network traffic.

Now you can explore all the features of Fastvue Reporter such as:

  • Live Dashboards (Bandwidth, Productivity and Web Protection).
  • Simple, Powerful Reporting.
  • Schedule Reports for anyone in your organization
  • Real time alerts.
  • Seamless Active Directory integration
  • + Many more!

1. Backup Fastvue Reporter’s Data and Settings

If you want to upgrade your existing installation, we recommend backing up your existing settings and data first. This is as simple as making a full copy of the contents of Fastvue Reporter’s data location, shown in Settings | Data Storage | Settings (default is C:\ProgramData\Fastvue\Reporter for SonicWall).

Tip: Compress the backup, especially the data.fvfs folder as this can be quite large.

Fastvue Reporter - Backup Web.Config

2. Backup Custom IIS Settings (if applicable)

If you have secured the Fastvue Reporter website with IIS or applied any other custom settings in IIS directly, you should also backup the web.config file in the website’s directory (usually under c:\inetpub\wwwroot\). The installer will attempt to also backup and restore this file for you, but this is a good idea just incase there is an issue with the installation.

3. Upgrade / Installation

Once your current environment is backed up, download the new installer and run it over the top of your existing installation to upgrade. The installer will pick up your existing settings, so just click next throughout the wizard without making any changes. Once installed, browse to the site and clear the browser cache by hitting ctrl + F5 (cmd + R on Mac).

Note: This process upgrades the application only. Your existing data and reports are not affected and will be available as normal after the installation. However, the Dashboard and Alerts from the previous installation will be cleared and will start rebuilding as new data is imported.

4. Enjoy!

It may take 10-20 seconds before the first records are imported. You can watch the records count in Settings | Sources. Once records start importing, you can go to the Dashboard tab to see your live network traffic.

Now you can test out the new features of Fastvue Reporter, such as:

  • Live Dashboards (Bandwidth, Productivity and Web Protection).
  • Simple, Powerful Reporting.
  • Schedule Reports for anyone in your organization
  • Real time alerts.
  • Seamless Active Directory integration
  • + Many more!