EZproxy
Version: EZproxy v6.X or later.
EZproxy is a web proxy server used by organizations to give access from outside the corporation’s computer network to restricted-access websites that authenticate users by IP address.
Netsurion Open XDR collects and analyzes critical events to provide administrator insight on client traffic, user behavior and intrusion attempts.
- Security – IP address and user related intrusions
- Compliance – User logon behavior
- Operations – Allowed and denied web traffic
Once logs are received into Netsurion Open XDR, alerts and reports can be configured into Netsurion Open XDR.
The following are the key Data Source Integration available in Netsurion Open XDR.
Reports
| Type | Name | Description |
|---|---|---|
| Security | EZproxy – Intrusion Details | This report provides information related to detected intrusion attempts, including user name, source address and attack type fields. |
| Operations | EZproxy – Allowed Traffic Details | This report provides information related to web traffic allowed by EZpoxy, including device name, client address bytes transferred, request type, requested URI, requested URL, user agent type and user agent details fields. |
| Operations | EZproxy – Denied Traffic Details | This report provides information related to web traffic denied by EZpoxy, including device name, client address, error type and error details fields. |
| Operations | EZproxy – Audit Log Purged | This category briefs an administrator about purging of EZproxy audit logs. |
| Operations | EZproxy – System Startup/Shutdown | This category briefs an administrator about EZproxy startup and shutdown. |
| Operations | EZproxy – Allowed Traffic | This KO assists in analysis of web traffic allowed through EZproxy. |
| Operations | EZproxy – Denied Traffic | This KO assists in analysis of web traffic denied through EZproxy. |
| Compliance | EZproxy – User Logon Details | This report provides information related to user logon/logoff events, including user name, source address, logon status and logon details fields. |
Documentation
The configuration details are consistent with Netsurion Open XDR 7.x and later, and EZproxy.
Download Integration Guide for configuration instructions and more information.