Explicit proxy mode and fortianalyzer reports

Question

Hi,

we found that:

- in large environment with Citrix/RDS, using FSSO agents just doenst work reliably. Users log off/on are not intercepted, Fortigate things a user is logged in when it is not = reports are wrong

- Webactivity reports are a mess: i can have a 5 pages with the same url listed, each line shows every like millisecond. It seems it cannot aggreagate data, i.e. a user went to facebook 3 times, once at 1200pm once at 1pm and once at 2pm. Instead of showing everysingle transaction towards facebook, resulting in logs showing hundreds of lines.

This is a major problem, i mean squid can do that much better, it is free but it is a pain to maintain.

How do you guys deal with it? If i use say the fortigate in explicit mode, do i have 100% accurancy on which user is browsin which page?

thanks

Wurstsalat · Answer

We are on testing the explicit Proxy and if you use authentication (not ip based) it seems to be reliable, if you use ip based authentication it is the same like you experienced in the past - at least for us

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded