My father runs a small business and has had a growing concern about some of the web activity for a couple employees. He's asked that we have a way to report the activity, but its a bit over my head. Probably the most important part of this is that it is for a "small business" (less than 15 employees) and whatever the solution is would need to be cheap, but effective.
Any recommendations for this?
EDIT
The budget needs to be in the $250 to $500 ball park. If the only options out there are all $1500, that would require some value proposition questions by the owner/father. So cheap is always better, but effective.
The office basically consists of a single server with 10 laptops/pcs. The server acts as the domain controller, application host (IIS stuff), SQL Server, exchange, etc. We do have a CISCO "PIC" device that is used as a firewall.
I have successfully used TrafMeter for doing this, for a 50 person company, its cheap and works pretty well to gather raw data. It can log to a SQL or Access database. The data you get out is raw network data, so might need to filter and present the data in a nice way, if your bothered.
You can route all your web traffic through a proxy server like squid, and then there are many options such as:
Or alternatively you could point your company's DNS servers to opendns, which will keep track of url's looked up. This is a much easier solution, but will not identify WHO did the lookup.
Be sure to announce to all employees that this is being done. You may need to have them sign a legal agreement (if not done already), stating your official policies on computer use at the business.
Personally, with an org this size, I'd just make sure they have enough work to do and monitor that, unless it's causing network problems - which is another story.
We use the Windows port SQUID to do this. It's a bugger to configure, but I have a config that I'd be happy to share. I import the logs to SQL Server (actually the free SQL Express) and then generate reports of top ten users, top ten web sites etc.
SQUID is free, but not if you have to pay someone to set it up for. If you're not happy configuring SQUID yourself maybe you'd be best to just buy a copy of ISA Server. This has prebuilt reports that cover most things.
Use a group policy to set the proxy server on your users' IE. You can also block outbound access to ports 80 and 443 from any addresses but the proxy, though the group policy will catch any but the most determines users.
John Rennie