1.    07 Jul 2017 #1
    Join Date : Jun 2017
    Posts : 4
    Windows 10 Pro

    Setting up Network Monitoring for Small Business


    My boss wants to be able to monitor the web history and logins to websites accessed on all staff computers in the business without using a proxy. She wants something that can pull the local username from the computer and what content was viewed. How can we about doing that if six people share several different computers on one network? We all use Windows 10 Pro with Static I.P.s if that helps any at all. I showed her how Proxy applications worked but she wasn't thrilled with the logging into the web browser all of the time.
      My ComputerSystem Spec
  2.    07 Jul 2017 #2
    Join Date : Jul 2016
    Crewe Cheshire
    Posts : 1,451
    windows 10

    Proxy server does it all what's not clear is why your logging in via browser you just the the PC to use a proxy and it's seemles
      My ComputerSystem Spec
  3.    07 Jul 2017 #3
    Join Date : Jun 2014
    Posts : 540
    Microsoft Windows 10 Pro 64-bit

    Monitoring what sites your staff visits can be done using the router logs if it supports it, I use LEDE/OpenWRT and it's easy to monitor.

    Since most sites people log into use HTTPS it is going to be harder to get their name and passwords. ( probably illegal too ) You're going to have to create a HTTPS certificate and install it on every computer to capture this.

    If your users are using Chrome as their browser don't bother trying it will make it quite obvious what she is up to.

    If your users are using using Internet Explorer she will probably get away with it, Unless they visit a Google owned site or use Google+ as a logon to site don't bother trying it will make it quite obvious what she is up to.

    If they are using a smart phone don't bother trying it will make it quite obvious what she is up to.

    What she wants to do is called a Man in the Middle Attack ( Google that to learn how ) if your router supports port mirroring it will make it easier. It's not easy to setup and it will slow the network down to a crawl if your company has three or more computers.
    Note on WireShark:
    The file you end up with be huge and picking out the data she wants will take one person probably days for just a 8 hour day of logs

    Big companies buy routers or computers setup to do this easily. but they are very expensive and even more so for the undetectable one's
      My ComputerSystem Spec
  4.    08 Jul 2017 #4
    Join Date : May 2015
    Central IL
    Posts : 4,221
    Mac OS Sierra

    Quote Originally Posted by Dashie1021 View Post
    My boss wants to be able to monitor the web history and logins to websites accessed on all staff computers in the business without using a proxy. She wants something that can pull the local username from the computer and what content was viewed. How can we about doing that if six people share several different computers on one network? We all use Windows 10 Pro with Static I.P.s if that helps any at all. I showed her how Proxy applications worked but she wasn't thrilled with the logging into the web browser all of the time.
    Run everything through OpenDNS for Business and use something like Symantec's EndPoint Cloud to make secure policies. It would be a tax writeoff for those tools to be used to help maintain the network and making sure that people are not trying to do something they should not be.

    The other option would be to either buy a NAS like a Synology that has two Ethernet ports, up the RAM in it, install two Enterprise drives with enough space, secured drive copy on an external, setup a Domain on it. Otherwise build a pfSense box, XG, Endian or one of the other good Community edition firewall/UTM packages. List of all Firewall/UTM builds that are built on a Linux platform. List of router and firewall distributions - Wikipedia
      My ComputerSystem Spec
  5.    08 Jul 2017 #5
    Join Date : May 2015
    Central IL
    Posts : 4,221
    Mac OS Sierra

    Just be aware that users have to agree to that they are being monitored on their systems to cover the company in case they try to state that someone else was using their credentials, which should also be a part of the statement that they sign, that they agree to be monitored all times while using company workstations and on the company network. They also need to be given a section that describes their rules allowed for arbitration and it would be their cost if they decide to hire an outside third party mutual person to be their representative if they may be found guilty of violation of the policy, but that does not automatically clear them if the company still makes the decision to cut ties that would not damage their ability of getting a referral after they resign. None if they get fired.
      My ComputerSystem Spec

 


Similar Threads
Thread Forum
System thinks PC is part of business network - it isn't
Win10 AU v 1607. This is a PC I bought from HP (which might explain everything!). The "Join a Domain or Workgroup" option claims my PC is part of a business network. It is not and never has been. Changing the option to be a home computer does...
Network and Sharing
National Small Business Week: 8 Windows 10 PCs for small businesses
Source: National Small Business Week: 8 Windows 10 PCs great for small businesses - Windows For Your Business
Windows 10 News
Lose small icon setting after power off
I can set icon size and text size no trouble, but every time I sign in again after a shut down the icons and text have reverted to defaults. I think this has only happened after an automatic update of the Nvidia driver and on the same occasion I...
Customization
Business type workgroup Network
Finally installed Win10 on a computer with raw HD. It installed realtively easy. But I can not figure out how to setup a network to see two Win7 computers on a small business type workgroup. I disabled Homegroup since I am most comfortable...
Network and Sharing
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 13:13.
Find Us
Twitter Facebook Google+ Ten Forums iOS App Ten Forums Android App



Windows 10 Forums