This article provides relevant information on how GFI WebMonitor monitors Internet activity over wireless connections. Also, it further explains the differences in operations between the Standalone Proxy versions and WebMonitor as a plugin for Microsoft Forefront Threat Management Gateway (TMG).
Any HTTP or HTTPS connections from machines on the network can be monitored and controlled by GFI WebMonitor, regardless of whether the client machine is using a wireless connection to an internal router or a hard-wired connection to the LAN. However, there are differences in how this is done between the WebMonitor Standalone Proxy versions and WebMonitor as a plugin for Microsoft Forefront Threat Management Gateway (TMG).
GFI WebMonitor Standalone Proxy
The Standalone Proxy version listens on its configured proxy port (by default, port 8080) for HTTP and HTTPS traffic destined for remote webservers. If a client application, e.g., a browser, does not have its proxy settings set to GFI WebMonitor's proxy port, WebMonitor will not control the traffic; this may be common with clients that are not a member of the domain, e.g., wireless devices.
GFI WebMonitor as a Plugin for TMG Version
A Microsoft TMG server serves as a firewall, and all traffic to the Internet is routed through it. The TMG server sends all HTTP and HTTPS traffic through GFI WebMonitor, which acts as one of the web filters. Therefore, in this case, WebMonitor controls the traffic even if the proxy settings on the application or device are not set, and the traffic will show up as unauthenticated traffic in WebMonitor. To control this traffic, you must have policies that apply to IPs or IP ranges. The below conditions must be met for the traffic authentication to take place:
- The proxy settings must be configured on the client application.
- The Microsoft TMG server must be configured to authenticate traffic coming to its proxy port.