We are looking for a solution for a medium sized private school (k -12) to track users web activity. We'd want to be able to go back a week or so..nothing crazy. But would love to be able to get a report on a site\url and see what user visited that site and when. And of course, vice versa-- seek out a particular user and see what they visited and when.
Here's our infrastructure breakdown:
We are an Aerohive shop... half our devices we own, and about half are BYOD...where the students bring whatever. Includes Macs, Chromebooks, phones, PC laptops etc.
Our perimeter unit is a Palo Alto 3020- however, we do not authenticate users via the firewall. For url\category filtering, we base it all on IP address and what vlan\sub net you are on. Each school building has student, faculty and guest wireless subset. We authenticate wireless access via 802.1x using Archive radius enabled APs and our Active Directory...users are placed in the correct vlan based on AD group and Aerohive polices.
What I've done so far on our PAN for a basic test was to just configure a category for alerting ...shopping in this case..so that I can get some logging going. I then ran a report on my own IP. While the info is great, it doesn't tell me specifically "when" I visted a site. Also, if we wanted to run a report on a certain site to and capture what users visited that site in a givin time period...I don't see a way of doing that. Also, if we were to enabel logging on all allowed categories for all connected users\subnet ranges, I'm cerain this would whack our performance..so not sure if that's even feasible.
Anyway...just looking for a way to leverage our PAN is possible, and acheive the before-mentioned reports....or, if there are other better suited solutions out there.... would be great to hear about those too. Thanks much....Dennis...
... View more