Blue Coat Reporter 7 provides identity-based reporting on Web communications enabling enterprises to evaluate Web policies and manage network resources more effectively. Only Blue Coat Reporter 7 can provide the breadth and visibility of Web-based user activities on your network. This is because the ProxySG provides comprehensive policy-enabled logging to pinpoint and capture policy-defined activities by your users.

Blue Coat Reporter 7 monitors all content-level traffic that flows through the network to highlight inappropriate Web use issues, content requested (URLs, spyware installs, P2P downloads, IM, etc.), network stability, and network performance. With reporting to the individual user-level, Reporter 7 makes it easy to see who's using the Internet inappropriately, including the types of sites visited, the content downloaded, the time of day and resulting exposure to the business.

Blue Coat Systems introduces its next-generation Reporter 7, a powerful reporting tool that offers fast and easy log file importation from the ProxySG with 50+ pre-defined reports. Combined with the ProxySG and ProxyAV line of products, Reporter 7 provides the following functionality:

High Performance

• Instant Reporters user interface – Graphical interface that imports log data and provides HR, IT, legal and other personnel with instantaneous reports.
• Performance Enhancements – Performance-optimised design gives 30X improvement when importing log files from the ProxySG
• URL Filtering Databases – Works with any “On-Proxy” supported URL database

Reporter 7 imports a log file and builds a database indices.

Drill-Down Reports

• Zoom filters – Powerful new filtering tool for dynamic drill-down into ProxySG log files
• Top Ten Summaries - List Top 10 sites accessed, users, categories, content types, and more
• Tracking of numeric fields – Track event duration, including server response time, plus simultaneous tracking on both send and receive bandwidth
• Main table – Completely new facility combining all database fields and log entries into a single ‘spreadsheet style’ table allowing virtually unlimited query flexibility using new arbitrary filters

Reporter 7 displays the top ten categories visited for a specific log file.

Policy Enabled Reports
Using the ProxySG and ProxyAV appliances, companies can enable Blue Coat policy logging. Specific events can be configured to trigger an entry into a log file. Therefore, tracking a user’s Web activities has never been easier. For example, policy-based logging can provide the following information:

• User Reports - Track web users' usage patterns, regardless of location or application. Show access summaries, blocked sites, sites accessed by category, time of day, length of time at site and more.
• Network Traffic Reports - Measure Web traffic performance, trends, errors, bandwidth impact, streaming traffic levels and more.
• Security Reports - Evaluate security risks and track user activity that is potentially dangerous including spyware, IM, and P2P usage. Quickly determine which users have accessed malicious content and report on activity into and out of the firewall.

Scheduled reports can be emailed to other departments such as HR or legal.

Reporter 7 Features

Blue Coat Reporter creates flexible security, IT and network reports for your entire organisation. With centralised log aggregation and geography-based reporting, Reporter 7 scales to the volume of log information even the largest enterprises can generate. With role-based administration via an easy-to-use browser interface, reports with read-only privileges can be distributed to multiple administrators and HR personnel on a scheduled basis.

Blue Coat Reporter 7 provides network personnel and other department leaders with the following key reporting functionality:

• Extensive drill-down reports
• Comprehensive log file inputs
• Policy-enabled logging
• User/Session Tracking
• Advanced administration

Extensive Drill-Down Reports

Blue Coat Reporter 7 provides network personnel and other department leaders 50+ pre-defined reports formatted for easy, drill-down review. These pre-defined reports include:

• General traffic profiles (time-of-day, date, month)
• Security/Anti-Virus (viruses, worms, trojans)
• Filtering Categories (top ten lists, categories by user, etc.)
• Web content (URLs/directories visited)
• Users (authenticated users and failed attempts, client IP’s, etc.)
• Technical Profiles (response codes, operations, etc.)
• Sessions (sessions overview, session pages, session users)
• Log Details (comprehensive log summary)
• Security (spyware traffic, infected clients, questionable apps)

Comprehensive log file support. Reporter 7 provides compatibility with a wide range of log formats including: W3C, Squid, Common log, IIS, and many others. Users can also create custom formats and integrate those with Blue Coat Reporter. Reporter 7 will automatically recognise common log formats during log importation. Unrecognised (custom) formats can be manually specified.

Policy-enabled logging. Your reports are only as good as the log files used. Through the Blue Coat ProxySG, log files can be generated for specific user behavior. This allows administrators to define electronic policies that trigger a log report only when the defined activity occurs. This reduces the amount of data an administrator must review and saves corporate personnel time.

Additionally, logs can be streamed from Blue Coat appliances and aggregated in real-time to create live reports for administrators who need up-to-the-minute reports.

User/Session tracking. Report on individual, department or company activity. Blue Coat Reporter 7 displays the number of sessions, repeat visitors, entry/exit pages, and time spent per page. It can show any aspect of visitors' aggregate or individual click-stream paths.

Additionally, through comprehensive authentication support by the ProxySG, users can be positively identified and their Web-activities fully tracked. Thin clients from Microsoft and Citrix are supported.

Advanced administration. Reporter 7 provides the ability to share reports with other departments and network personnel through:

• Role-based administration
• Secure report scheduling and delivery

Role-based Management. Administrators can allow multiple personnel (HR, IT, Legal, etc.) to view specific reports for delegated management as read-only documents.

Secure report scheduling and delivery. Unique reports can be emailed to multiple managers for secure viewing via HTTPS. Reporter 7 can schedule and generate reports automatically via the built-in scheduler.

Advanced Spyware Reports

Blue Coat Reporter 7 provides the capability to track and view spyware activity on your network. This includes viewing reports for the following activities:

• Spyware traffic
• Spyware infected clients
• Blocked suspected spyware

Spyware Traffic:
Displays spyware (and adware) sites visited by the user such as Gator, iMesh, etc. In addition to server domains displayed, this report shows hits, page views, bytes uploaded and bytes downloaded from these sites. This report allows an administrator to get a better understanding of how many clients on his network are infected with spyware. This report is generated through four vectors of information including content security filters detecting spyware at the gateway and reporting on it, users visiting known spyware sites, spyware detected by WebAV scanning, plus Spyware calling home from infected systems.

Spyware Infected clients:
This report displays any client (by IP address and server domains) that has been infected with spyware and has made attempts to communicate with an external spyware site. The spyware communication is blocked if the ProxySG is using the Blue Coat spyware policy. A log file is generated by the ProxySG showing which clients are infected and which clients made attempts to communicate with external servers.

Blocked Suspected Spyware:
This report displays blocked suspected spyware sites through the use of content security filters, WebAV scanning (with ProxyAV) and special spyware URL categories. Blocked spyware sites are displayed in this report along with the application or executable such as Gator.com/autoupdate (a spyware application attempt) and dst.websearch.com/Dnl/T-50154/TBPS.cab (a drive-by install attempt).

Reporter 7 Specifications

Blue Coat Reporter 7 is provided in two versions: Standard and Enterprise. Both products offer outstanding performance of log file imports and intuitive drill-downs for easy viewing of log data. Standard Reporter is for smaller organisations that want the power and full functionality of today’s reporting tools, yet will produce a limited number of reports. Enterprise Reporter is for the larger enterprises that produce numerous reports and want the speed of dual-processor support. Blue Coat Reporter 7 offers:

• A cross-platform processing and reporting engine that runs across Windows 2000 and Linux platforms
• Compatibility with a wide range of log formats including: W3C, Squid, Common log, IIS, and many others. Users can also create custom formats and integrate those with Blue Coat Reporter. WebSense and SurfControl log formats are not supported with Blue Coat Reporter.
• No cost upgrade to the Enterprise edition for existing Reporter version 6 customers with existing license key.
• No cost download of the Standard version for Blue Coat customers with an active ProxySG support contract.

Blue Coat Reporter 7 Specifications Chart

Supported Operating Systems:

• Windows: Windows 2000, XP, and 2003 Server for Windows
• Linux: Redhat Linux version 9 or higher:

Although Blue Coat Reporter may successfully install and run on other versions of Linux, the behavior on these systems cannot be predicted. Therefore, Blue Coat does not support Linux operating systems outside of recent Redhat releases.

Hardware Requirements:

• Pentium III, 1Ghz minimum, P4 recommended
• 30 MB of disk for installation. Disk space required for the database is dependent on log size. For maximum disk throughput, a hardware RAID disk array is recommended.
• 512 MB RAM for the database minimum, 1GB or more recommended. If multi-processor use is intended the minimum and recommended applies to each processor.

Client Web Browser Support:

• Internet Explorer® 5.5 or 6.0 (IE 6.0 recommended)
• Mozilla Firefox

Other browsers may work, but will not be supported. Versions of Internet Explorer prior to 5.5, and browsers based on Mozilla prior to 1.7 are known to be incompatible.