Web Proxy

A web proxy is a server that acts as a buffer between a user and their destination on the web. Adding a web proxy allows InsightIDR to track visits to potentially malicious domains and track cloud service usage. In combination with firewall data, a web proxy can track visited URLs and pinpoint exactly which user is doing the visiting.

Configure Web Proxy

To collect web proxy events, configure the device to send syslog to the collector on a unique TCP or UDP port (above 1024).

Web Proxy Logging

The Insight Platform can ingest logs from these web proxies:

Check Point Web Proxy

Traditionally Check Point is a firewall event source. However, you can now collect web proxy documents based on Checkpoints URL filtering events.