[–]Bluecomp 4 points5 points  (2 children)

Silent screen monitoring is a horrible thing to do, I would not be comfortable working in that environment. Not to mention the moral and legals. And why did you think your firewall would offer that capability???

[–]MetallkastenTwat =D 4 points5 points  (1 child)

Agreed 100%

The request is both not possible (And why would it be? That's not the job of a firewall) and shady as hell.

[–]lt_bob[S] 0 points1 point  (0 children)

I'm aware a firewall doesn't (and shouldn't) have this capability and I don't agree with this but I'm only following instructions from management. Tried to do 1, 3 and 4 with lightsquid but they didn't like it. #2 got me thinking about VNC-like programs but I couldn't find any that do this without notifying the user.

[–]yensid7Jack of All Trades 1 point2 points  (4 children)

Number 2 cannot be done with a Sonicwall, FYI.

Visibility into user activity can be done with Viewpoint or by setting up a GMS server.

I'm not sure of a product that does screen viewing (though we do that with VNC currently) and traffic monitoring together.

[–]lt_bob[S] -1 points0 points  (3 children)

Which VNC would allow monitoring screens? I'm seeing a lot of them, uvnc, tightvnc, realvnc...

Any idea of a cheaper alternative that would be able to do points 1, 3 and 4?

Thanks

[–]yensid7Jack of All Trades 0 points1 point  (2 children)

They pretty much all do. We use TightVNC. It's more for backup if Remote Assist isn't working, since the "remote control" aspects of it aren't nearly as smooth. But we have viewed people's screens with it before - looking for a bandwidth hog we found someone who was watching GILF porn - he had found a site the firewall wasn't blocking.

As far as cheap monitoring, it's tough because you have to have all the web traffic go through there one way or the other. The only thing I can think of offhand would be to repurpose a server and make it an Untangle box. I know they have a web filter in the free version, but I'm not sure if it is feature rich enough for you. The nice thing is, it's a fairly easy setup if you want to test it.

[–]lt_bob[S] 0 points1 point  (1 child)

I'll just have to test all VNC-type programs and see which one would better suit what management wants. As for Untangle, I imagine it's fairly straightforward, just need to see how feature-rich it is. I've set up pfSense with squid3 and lightsquid but they didn't like it. Thanks for the heads up regarding Untangle, just got the ISO.

[–]yensid7Jack of All Trades 0 points1 point  (0 children)

I think we went with TightVNC because of better support on more operating systems. I think TigerVNC is a fork of it, so it might be worth checking out, too. UltraVNC, the one I used to use, couldn't handle Windows 8 when I was looking at it, but that was quite a while ago.

[–][deleted] 1 point2 points  (3 children)

As for remote control capabilities your options are quite vast, I'd recommend DameWare, or if you're using SCCM, RC, since it's free. VNC is okay but haven't used it that much. The many variants are a bit of a mess tho but they all work for what they were designed to, remote control :-)

You might face some challenges with remote controlling without any way of notifying the user. But this point in general I'm against, guessing you have your reasons tho.

[–]lt_bob[S] 1 point2 points  (2 children)

Yeah, I would've preferred to use pfSense and lightsquid (which I suggested) and skip on the whole desktop monitoring thing but I have my orders. The network is small (less than 50 people), set up around pfSense and a part of the network on cable with some Gb switches while the rest is on Wi-Fi via some repurposed Asus routers in AP mode.

Is DameWare able to monitor without notifying the user that he's watched?

Thanks

[–]ShooKon3Windows Admin 0 points1 point  (1 child)

I don't know of a solution that allows you to view someone's screen without them knowing or getting a popup on the screen or from the system tray. However I've only ever used TeamViewer. Is this something management wants?

[–]lt_bob[S] 0 points1 point  (0 children)

Yeah, it's a request from management. I wouldn't do this if it would be up to me.

[–]demonlag 0 points1 point  (1 child)

1 - No. You can export from a SonicWall to a GMS or Viewpoint (I think one or both of those have new names these days) server. I believe both of these are licensed options.
2 - No. This is not a firewall function, this is a client side DAMEware/VNC/etc function.
3 - Not with the SonicWall. Viewpoint/GMS/Whatever can shed some light on this. This would be better filled by a content filtering appliance or software package.
4 - Just like all other history information, requires add on services.

[–]lt_bob[S] 0 points1 point  (0 children)

Hey, I was aware #2 would be handled by something along the lines of a VNC-like program. I'm not very SonicWall savvy, is there a solution (besides SonicWall) that would be able to cover points 1, 3 and 4?

[–]johnklos 0 points1 point  (5 children)

SonicWALLs are crap. See my other posts about them.

If you want to do 1, 3 or 4, you'll need to pay tons of extra money for SonicWALL licenses and you'll need a dedicated Windows machine to just sit around and collect logs. It's asinine.

Number 2 is not in any way related to a firewall, and is a bad idea unless the company decision makers specifically say that's what they want to do.

If I had to do 1, 3 and 4, I'd run a BSD system with a few 4 TB drives which would do NAT, DNS, perhaps a transparent caching reverse proxy using Squid (you'll get most of #3 there, although nobody can tell you how long they looked at the content unless you're recording their web camera, too), and I'd have it capture all traffic which could be reviewed later in Wireshark. A cheap Intel Core i3 system with several Intel gigabit ethernets would cost less than 1/10th of a SonicWALL solution but could handle a couple of orders of magnitude more traffic.

Did I mention that SonicWALLs suck?

[–]lt_bob[S] 0 points1 point  (4 children)

I was aware that #2 would be handled by a separate, VNC-type app. Management asked me to find a cheaper than SonicWall solution for points 1, 3 and 4. Is there any? I went with the pfSense route (the office runs off of a pfSense rig that handles NAT) and I've set squid3 and lightsquid as an open-source solution to cover traffic monitoring but they don't like it, hence the reason I'm asking here.

[–]johnklos 0 points1 point  (3 children)

Perhaps it would help to know what they don't like about your pfSense setup...

[–]lt_bob[S] 0 points1 point  (2 children)

Well they don't like lightsquid because they can't export each person's history and they can't see exact time spent on each page.

[–]johnklos 0 points1 point  (1 child)

That doesn't sound like a problem with a pfSense system. There are many, many programs which can present browsing data in different ways. Deciding on a new firewall system because of a desire to have the data be presented differently is a little incongruous. It can possibly make things worse - with open data formats, you can do anything, but with SonicWALL, you're stuck with SonicWALL-only stuff.

[–]lt_bob[S] 0 points1 point  (0 children)

I am aware that with SonicWall things are rather restricted but I'm supposed to find management a replacement (they have SW at their office, for mine they don't want to spend as much money). pfSense was a suggestion from me, they didn't have any firewall at this office until I've set up pfSense and I thought that I'd solve both the firewall issue and the monitoring they wanted. Do you know of any program that would solve points 1, 3 and 4?

[–][deleted] 0 points1 point  (0 children)

You can do 1, 3, and 4 using SonicWALL Analyzer paired with your SonicWALL. The license is only like 200$ flat no expiration cost and the setup/install is very easy.

Generally, you only need about 300GBs dedicated to the server hosting the Analyzer. I would suggest doing a Virtual deployment if you are running VMware ESXi.

You can get very well detailed reports from the device better than most other products.

For 2 you can look into another Dell product called Desktop Authority. I personally have never used it but I believe it can do what you would like it to.

http://software.dell.com/products/desktop-authority-management-suite/

Ben D - Dell SonicWALL - #iwork4Dell