Windows Proxy Server (WinGate) – Testing & Implementation – Article 1
A lot of small businesses have recently asked me if there are ways to monitor the users’ internet use, as well as to block certain websites and online services. With all the enquiries about this specific client-needs, I have tested a couple of solutions which is not expensive or difficult to administrate.
I have started my tests with Squid (also known as SquidProxy or SquidCache). As it is a free internet proxy / cache service which can be installed on Linux, Windows and other operating systems, it seemed like it would be the perfect solution which could technically be implemented for free. Well, Squid’s configuration is not the simplest and easiest to use. There is no GUI to ease up the configuration process. After getting Squid to work, I found that it was blocking all the Office 365 services (Outlook, OneDrive, etc.), even after you configured it for all HTTP traffic to be allowed. Reading up on the issues (the little number of articles available for this specific issue), you need to install certificates and do intense configuration for Squid to allow the Microsoft Office 365 services to work. And yes, I have seen posts where people still comment that one should not make use of Microsoft and expressed their hatred towards the Microsoft products, and that their “free” productivity software are “way better than Microsoft” – come on people. I just cannot see my clients working and running big businesses on an inferior, open and less secure platform like OpenOffice, Google Docs, etc. (hopefully this won’t generate a heated discussion with the Microsoft haters).
After more reading up on available Windows-based internet proxy software, there were other products on the market to make use of. Some for free and others with quite a huge price-tag. Some offer really nice features, but not quite what I had in mind. I have worked with WebSense in the past and I must admit, it is really not bad at all, but I still required something simplistic, yet powerful and secure enough to use.
I then found that a lot of companies use WinGate (by Qbik). There is a trial version available to download as well, so I gave it a shot. You can use WinGate for free (less than 10 concurrent connections to the proxy) with limited features, otherwise the paid Professional version of WinGate will set you back around R8000 for 25 concurrent connections. To give you some background, the computer which WinGate was installed is a Windows 10 Pro (64-bit) machine, with 8GB RAM and enough Hard Drive space. To be honest, I can say that the install and basic configuration to get the proxy working did not take me longer than 15 minutes.
The GUI of WinGate is very easy to use, but some network and server experience will be really advantageous – especially if you need to setup a transparent proxy, or use LDAP authentication, etc. There are a lot of tools available to easily set access rules for connected clients / users to block certain websites and services. The live monitoring is a very cool feature where you can see each user’s browsing session. The only down-side was reporting of internet use. Every day a new log file (in text format) is generated which logs all (and I mean ALL) the internet activity which is processed by the proxy server. Those logs can easily be pasted into Excel to setup and design your own reports and easily apply data filters within Excel without the need to use the text-to-columns tool.
In my real-world tests, I have prepared the same desktop computer with Microsoft Windows Server 2016 Essentials and installed WinGate. After installation and ready to start using WinGate, I have noticed that port 80 was already in use by Windows Server 2016. I have then changed the port for WinGate to 8080, and all was working fine. I have placed this “server” setup in an office environment with some users to see how it will perform. To note, previously the users in said office struggled with internet speeds (always more than 10 concurrent connections to the internet on a 4Mbps ADSL line from Telkom) and performing internet-related tasks was dreadful. Luckily, WinGate also have a caching feature which speed up the internet browsing for cached websites to the users. After I implemented access rules and played around with the configuration, I immediately noticed the internet speed was way better than without the proxy server. Also, better administration and security measures can now be implemented to block certain websites and internet services, so you will have a more productive and secure working environment.
In the next article, I will go into a bit more detail with the configuration of the proxy server and the results of my tests. What I can say is that only in one day, there is a drastic change regarding the internet experience and no issues reported which couldn’t have been easily sorted.
Lastly, if you are considering implementing a small proxy server for your home, office or small business, please keep in mind that you will have to purchase a separate desktop / server, licensed server operating system (for maximum productivity) as well as the licensing costs of WinGate. It is totally worth having a proxy server installed as you now have better control on what internet traffic is produced in your environment, as well as to add another layer of security to keep your data safe.
Please feel free to comment below with any suggestions, questions or opinions.