SpectorSoft makes a number of surveillance utilities, but I am not sure how well they'd run under Metaframe. You should contact them to ask, and by all means do make sure that the software is tried on a test server prior to implementation in a production environment. Furthermore, be extremely careful of the legal ramifications of this form of monitoring; the software is capable of capturing far more than just URLs visited, and you will get yourself into a lot of trouble if you use the full surveillance capacity possible. Also, I'm not sure that they have a solution that scales in the fashion you need. www.spectorsoft.com Another option would be to utilize a proxy server solution that integrates with AD (I'm assuming you're using Active Directory) to associate requests with users. If you are using a Checkpoint firewall, there are OPSEC-compliant products that can integrate with it to provide this, for a price. www.opsec.com And also keep in mind above all else that it is possible to circumvent all of this with an anonymizer service. > -----Original Message----- > From: Bob DeBolt [mailto:bob.deboltat_private] > Sent: Tuesday, July 22, 2003 10:10 PM > To: pen-testat_private > Subject: Citrix workstation URL viewing > > > Greets > > I don't know if this is the correct > list but I'll try. > > I need to monitor http traffic on a Citrix > network. It uses 128 bit enc. from client > desktop to the Citrix servers, in other words > all internal traffic is encrypted. When traffic > exits the Citrix servers to the firewall and out to > the Internet it can be monitored, but will only > reveal the server IP address. Has anybody faced > this scenario and did you find a reasonable solution. > > By reasonable I mean possibly something like a workstation > installable utility that catches all the URLs a > user access's. All we want to do is match URL's with > a workstation IP. > > Sincerely > > Bob DeBolt > Pres / CTO > Starblanket Research > > > -------------------------------------------------------------- > ------------- > -------------------------------------------------------------- > -------------- > > --------------------------------------------------------------------------- ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Wed Jul 23 2003 - 10:39:08 PDT