EZproxy

Version: EZproxy v6.X or later.

EZproxy is a web proxy server used by organizations to give access from outside the corporation's computer network to restricted-access websites that authenticate users by IP address.

Netsurion's Open XDR platform collects and analyzes critical events to provide administrator insight on client traffic, user behavior and intrusion attempts.

  • Security - IP address and user related intrusions
  • Compliance - User logon behavior
  • Operations - Allowed and denied web traffic

Once logs are received into Netsurion, alerts and reports can be configured into Netsurion.

The following Data Source Integrations are available in Netsurion to support EZproxy monitoring:

Reports

Type Name Description
Security EZproxy - Intrusion Details This report provides information related to detected intrusion attempts, including user name, source address and attack type fields.
Operations EZproxy - Allowed Traffic Details This report provides information related to web traffic allowed by EZpoxy, including device name, client address bytes transferred, request type, requested URI, requested URL, user agent type and user agent details fields.
Operations EZproxy - Denied Traffic Details This report provides information related to web traffic denied by EZpoxy, including device name, client address, error type and error details fields.
Operations EZproxy - Audit Log Purged This category briefs an administrator about purging of EZproxy audit logs.
Operations EZproxy - System Startup/Shutdown This category briefs an administrator about EZproxy startup and shutdown.
Operations EZproxy - Allowed Traffic This KO assists in analysis of web traffic allowed through EZproxy.
Operations EZproxy - Denied Traffic This KO assists in analysis of web traffic denied through EZproxy.
Compliance EZproxy - User Logon Details This report provides information related to user logon/logoff events, including user name, source address, logon status and logon details fields.

Documentation

The configuration details are consistent with Netsurion Enterprise version 7.X and later, EZproxy v6.X or later .

Download Integration Guide for more information.