Any HTTP or HTTPS connections from machines on the network can be monitored and controlled by GFI WebMonitor, regardless of whether the client machine is using a wireless connection to an internal router or a hard-wired connection to the LAN. However, there are differences in how this is done between the WebMonitor as plugin for TMG and WebMonitor standalone proxy versions.
GFI WebMonitor Proxy Standalone
The standalone proxy version listens on its configured proxy port (by default, port 8080) for HTTP and HTTPS traffic destined for remote webservers. If a client application (i.e. browser or other application) does not have its proxy settings set to GFI WebMonitor's proxy port, then WebMonitor will NOT control the traffic. This may be common with clients that are not a member of the domain such as wireless devices.
GFI WebMonitor as pluglin for TMG version
An Microsoft TMG Server serves as a firewall and all traffic to the internet is routed through it. The Microsoft TMG server sends ALL HTTP and HTTPS traffic through GFI WebMonitor, which acts as one of the web filters. Therefore, in this case, WebMonitor controls the traffic even if the proxy settings on the application/device are not set. If the proxy settings are not set, the traffic is showed up in WebMonitor as unauthenticated traffic. To control this traffic, you must have a policies that apply to IPs or IP ranges.To authenticate this traffic two things must be set:
- Proxy settings must be set on the client application.
- The Microsoft TMG server must be configured to authenticate traffic coming to its proxy port.