How to monitor terminal server users?

4.0

Author:
IMFirewall Software
HomePage:
http://www.imfirewall.us

Contents

  1. Introduction
  2. Network Topology
  3. Enable "Account Monitoring"
  4. Enable "Proxy Server"
  5. Terminal Server Settings

1 Introduction

Terminal Services allows IT departments to install applications on a central server. For example, instead of deploying database or accounting software on all desktops, the applications can simply be installed on a server and remote users can log on and use them via the network. This centralization makes upgrading, troubleshooting, and software management much easier.

However, since all terminal clients share the server's network, it becomes difficult to monitor/filter individual users internet usage because most internet monitoring/filtering products only monitor/filter internet activities based on ip addresses or MAC addresses.

This tutorial will guide you to monitor/filter terminal service users with WFilter's "account monitoring" and "proxy server" features.

2 Network Topology

Network topology diagram:



Figure 2.1



Please notice: WFilter shall not be installed in the terminal server.

3 Enable "Account Monitoring"

First you need to enable "Account Monitoring".

If you have an available active directory, you can integrate WFilter with your Active Directory.

If not, you also can enable "WFilter Local Account" to monitor/filter by users.

For more details, please check: How to do monitoring/filtering based on user accounts?.



Figure 3.1



4 Enable "Proxy Server"

Check "Enable Proxy" in "System Settings"->"Proxy Settings", and enable "User Authentication", as in below figure:



Figure 4.1



5 Terminal Server Settings

For WFilter to monitor terminal client users, please check below steps:

  1. First you need to block the terminal server's internet access in your router or firewall, to force the terminal server to access internet via the WFilter proxy service.
  2. Assign an proxy user account for each terminal service client. (If "windows active directory" is enabled in "Account Monitoring", you can directly use your domain username/password. If "WFilter local accounts" is enabled, you need to add the client users in "WFilter local accounts".)
  3. Each client need to configure its browser to use the WFilter proxy service, for detailed settings, please check: Detailed Proxy Client Settings.

Now, each activity is associated with an username:



Figure 5.1



Each client is applied with its own blocking policy:



Figure 5.2