Getting Started Video

Here’s some information to help you get up and running with Fastvue TMG Reporter. If you have any issues, please don’t hesitate to get in touch.

Installing Fastvue TMG Reporter

1. Install Fastvue TMG Reporter

Download and run the TMG Reporter installation on a dedicated server or VM (see recommended OS and Hardware Requirements below). Do NOT install Fastvue TMG Reporter on your TMG Server.

2. Install the Fastvue Arbiter

Install the Fastvue Arbiter on your TMG Server. Only do this step if Forefront TMG is logging to SQL Express (default) or W3C Text. Do not install the Fastvue Arbiter if Forefront TMG is logging to a remote SQL server. Native *.iis text logs are not supported. The Fastvue Arbiter connects to TMG’s local logs and sends the data securely to the Fastvue TMG Reporter server on port 49361.

Access Rule Settings

3. Add Access Rule

If you installed the Fastvue Arbiter, create an Access Rule on the TMG server to allow communication between the Fastvue Arbiter and TMG Reporter. Allow TCP 49361 Outbound from the TMG Reporter server to Localhost for All Users. Click here for detailed instructions on adding the Fastvue Arbiter Access Rule, or jump to the 04:00 mark in the video above.

Add Source

4. Add Source

In your web browser (IE8 is not supported), browse to the TMG Reporter site you installed in step 1 (e.g.http://10.1.1.1/tmgreporter), and Add your TMG Server as a Source. You can do this on the Start page, or in Settings | Sources. If logging to a remote SQL Database, use the ‘SQL Server’ option in Settings | Sources.

Supported Operating Systems

Fastvue Reporter is designed for 64 bit Windows Server Operating Systems running Server 2008 R2, Server 2012 R2, or above.

The Fastvue Reporter installer will automatically install and configure the required pre-requisites which include .Net 4.6 and IIS (Web Server and Application Server roles). It will also install Open JDK and Elasticsearch in it’s own self-managed directory.

When installing, you will be asked to select a website to install too. If you are installing on a server with existing websites, we recommend creating a new website in IIS and installing to that. You can also choose to install to a sub-folder of an existing website (such as Default Web Site\Fastvue).

Hardware Requirements

More or less system resources may be required depending on the size of your network, volume of log data and number of reports needed to run concurrently. Here are some guidelines:

Network SizeRecommended Server Specification
Less than 500 Users4 CPUs/Cores, 6 GB RAM
500 – 1000 Users4 CPUs/Cores, 8 GB RAM
1000 – 3000 Users8 CPUs/Cores, 12 GB RAM
3000 – 5000 Users8 CPUs/Cores, 16 GB RAM
5000+ Users16 CPUs/Cores, 24 GB RAM

Also see Fastvue TMG Reporter’s System Requirements Explained.* Do not install Fastvue TMG Reporter on your Forefront TMG Server. TMG Reporter installs IIS (a web server) as well as a resource intensive service. This can affect the performance of your server, and increase the attack surface of your firewall.

Storage Requirements

During installation, you are asked where you want the Data Location to be. The amount of data stored per day will vary depending on the amount of traffic flowing through your Microsoft Forefront TMG Server.

The default data retention policy in Fastvue Reporter is 90 days or 90% of drive space, whichever comes first. If 90% of the drive leaves less than 20 GB free, the retention policy will adjust to allow at least 20 GB for Operating System files if the data path is on the same drive as the OS.

These data retention settings can be adjusted in Settings | Data Storage.

We do not advise installing to a network drive due to latency issues affecting the stability of our very frequent read-write operations. For best performance, use a local SSD drive.

Do not install to a mapped network drive, or use a mapped network drive as Fastvue Reporter’s data path, as the assigned drive letters will not exist in the system context – only the user context. If you must use a network drive, specify a UNC path such as \\servername-or-ip\fastvue, but keep in mind the performance issues mentioned above, and you will have to configure ‘full’ permissions for the Fastvue Server’s local system account.

After one or two days of collecting data, check the size estimates in Settings | Data Storage | Settings to see if you need to make adjustments to the data retention policy or your server’s disk space. These estimates become more accurate as data is imported.

Upgrading?

Backup Data Location FastvueReporter For Barracuda Web Filter

1. Backup Fastvue Reporter’s Data and Settings

If you want to upgrade your existing installation, we recommend backing up your existing settings and data first. This is as simple as making a full copy of the contents of Fastvue Reporter’s data location, shown in Settings | Data Storage | Settings (default is C:\ProgramData\Fastvue\TMG Reporter).

Tip: Compress the backup, especially the data.fvfs folder as this can be quite large.

Fastvue Reporter - Backup Web.Config

2. Backup Custom IIS Settings (if applicable)

If you have secured the Fastvue Reporter website with IIS or applied any other custom settings in IIS directly, you should also backup the web.config file in the website’s directory (usually under c:\inetpub\wwwroot\<fastvuereporter’s site name>). The installer will attempt to also backup and restore this file for you, but this is a good idea just incase there is an issue with the installation.

3. Upgrade / Installation

Once your current environment is backed up, download the new installer and run it over the top of your existing installation to upgrade. The installer will pick up your existing settings, so just click next throughout the wizard without making any changes. Once installed, browse to the site and clear the browser cache by hitting ctrl + F5 (cmd + R on Mac).

If upgrading from version 1.0 to 2.0, your existing data will be migrated to our new database format (Elasticsearch). This new database unfortunately requires twice the disk space as the previous version, so your data retention ‘size’ policy will be automatically increased if your available disk space allows for it. You will be notified of the change and given the option to confirm or change the settings.

Review Data Retention TMG Reporter

Data migration can take some time depending on the amount of historical data that you need to migrate. This process will happen in the background and you can view its progress in Settings | Data Storage.

As the data migrates, you can still use the Fastvue Reporter as normal to view dashboards, alerts and run reports on new data, or data that has been migrated.

4. Clear Cache

Once installed, browse to the TMG Reporter site and clear the browser cache by hitting Ctrl + F5 (Cmd + R on Mac).If buttons aren’t aligning properly, and things look strange, clear the browser cache in your browser’s settings and refresh the page.

TMG Reporter - Overview Dashboard

5. Enjoy!

It may take 10-20 seconds before the first records are imported. You can watch the records count in Settings | Sources. Once records start importing, you can go to the Dashboard tab to see your live network traffic.

Now you can test out the many features of Fastvue Reporter.

FAQs

Can I run Fastvue TMG Reporter on the Forefront TMG server?

Although it is technically possible to run TMG Reporter on the TMG server, we do not recommend it especially in a production environment. Forefront TMG is a firewall, and it is not good practice to install other services and application as it increases the number of possible attack vectors. There can also be issues with port conflicts when running IIS on your TMG server as other applications and services such as Web Proxy Auto Discovery may also try to use port 80.

Fastvue TMG Reporter is also a resource intensive service (by design) and if you run it on your Forefront TMG server, it may impact the performance of your Firewall and Proxy.

What is the Fastvue Arbiter?

The Fastvue Arbiter is an agent that runs on the TMG server. It’s purpose is to access your logs and communicate with the Fastvue TMG Reporter server. At the moment it only works with TMG’s default SQL Express logs and W3C text logs (not TMG’s IIS logs, or separate SQL database).  The Arbiter and Dashboard communicate on a specific port (49361) which you can add an explicit access rule for in TMG.

We developed the system this way to maintain the security integrity of your Forefront TMG server. The alternative is to either open file shares, or enable network access to TMG’s SQL Express database. Both of these options increase the attack surface of the Forefront TMG firewall. In consultation with TMG experts (such as Richard Hicks – tmgblog.richardhicks.com), we decided the best option is to create a small footprint agent to run on the Forefront TMG server that securely communicates with the Fastvue TMG Reporter server.

How does Fastvue TMG Reporter work?

Fastvue TMG Reporter consists of both a website (runs on Microsoft’s IIS Web Server) as well as a Windows service that runs constantly in the background importing and analyzing your Forefront TMG log files. When you install TMG Reporter, a web server (Microsoft IIS) will also be installed and configured. You can then browse to the website you specify during installation to monitor your network statistics and view alerts.

What does the ‘Anonymous’ user mean?

Forefront TMG will log ‘Anonymous’ for any unauthenticated traffic. Fastvue TMG Reporter is a great tool to help identify and reduce the amount of Unauthenticated traffic going through Forefront TMG. Hover over the Anonymous user and click ‘Run report on’. Then look at the Firewall Rules section of the Report to see the Access Rules allowing unauthenticated traffic. You can then switch these rules to ‘All Authenticated Users’ instead of ‘All Users’ in Forefront TMG. We have an article that further explains this here:

How do I secure the Fastvue TMG Reporter website?

You can restrict access to the Fastvue TMG Reporter site using Windows Authentication and Authorization rules in IIS. We have an article on how to do this here: How To Secure and Publish the Fastvue TMG Reporter Website

The Productivity Sections are Blank

If Forefront TMG’s URL Filtering is not enabled, all productivity sections in TMG Reporter will be blank. It is quite common for URL Filtering to become disabled after the 90 day trial of Forefront TMG, unless you enter a license key into URL Filtering subscription. To enable URL Filtering, see our article Productivity Sections are Blank.

TMG Reporter does not install

It has been reported that in some cases, the Fastvue TMG Reporter installation finishes prematurely and no website or virtual directory is created, and no files are installed. This is due to some pre-requisites in IIS not installing properly. To fix this issue, please see our article TMG Reporter does not install.

Something is not working, what should I do?

Visit our Support Portal. Here you can search our knowledge base, post a question, send us an email or engage us in a live chat.