Everyone has seen the Anonymous user in their Forefront TMG Reports. This is because Forefront TMG logs 'anonymous' in the username field for all unauthenticated traffic. We have blogged about the Forefront TMG Anonymous User, and written numerous support articles. But here is the best tip we can give you to reduce unauthenticated traffic in Forefront TMG:
We're happy to announce Fastvue TMG Reporter 2.1 Beta is now available! New features include Activity Reports, Custom Report Scheduling, Comprehensive Filtering, Drilldown Reporting, Import from remote SQL Logs, and native support for Windows Server 2012 and Window 8.
The Fastvue Log Grep Utility takes a folder of W3C text logs (or any text files), and produces new files containing only the log lines matching your search criteria. The new files are unaltered in format and structure and retain the original log headers. The Fastvue Log Grep Utility is perfect for cutting down a folder of Forefront TMG or ISA Server W3C text logs to just the information in your search string. You can then import these reduced files into WebSpy Vantage, or any other log analysis app. And it's Free!
Forefront TMG's ISP redundancy allows you to connect two separate ISP's as routes out to the Internet. There are two configurations; fail-over or load balanced. Failover configuration provides a robust Internet connection in [...]
Forefront TMG does not log authenticated usernames or site hostnames for SecureNAT Clients. The Top Sites sections in Fastvue TMG Reporter will therefore only show IP addresses for SecureNAT traffic, and the Top Users sections will only show the Anonymous user. Fortunately the site hostname issue can be fixed by applying a hotfix from Microsoft. This enables Forefront TMG to log the hostname with the URL, so that site names can be reported on in Fastvue TMG Reporter.
Forefront TMG web chaining is a clever way to allow one Forefront TMG server to pass proxy clients on to another TMG server that has Internet access. However, these scenarios pose a unique challenge for reporting on user activity. This article takes you through configuring a Forefront TMG web chaining environment, and provides some options to overcome the issue they create for reporting on user Internet activity.
Old machines running IE6 with no service packs or security updates are a big security concern. Fortunately you can use TMG Reporter to easily identify and track down old neglected 'zombie' machines that may still be running IE6 and connecting to the internet. Just create an alert, sit back and relax, and wait for the IE6 zombies to come out and play!
From anonymous browsing to 'I didn't visit that site!'. Here are our answers to the five most commonly asked Forefront TMG Reporting questions.
Forefront TMG reporting just received a huge upgrade with the new features in the latest Fastvue TMG Reporter release. Custom Reports, SQL Support and more.
By actively monitoring Forefront TMG's Intrusion Prevention and Malware Inspection events, you can identify the source of vulnerabilities and take immediate action. This article explains how to test the intrusion prevention (NIS) system as well as the malware inspection system, and how to monitor and alert on these events.