Support Center

The Anonymous User in Forefront TMG

Last Updated: Aug 16, 2013 04:58PM PDT
Forefront TMG will log 'Anonymous' for any unauthenticated traffic. To get an idea of what this traffic is, use Fastvue TMG Reporter to hover over the Anonymous user and click 'Run report on'.
Have a look at the top sites, applications and also the firewall rules sections in the report. Some common unauthenticated traffic may be:
- Windows Updates
- Outlook Web Access and other published sites
- Specific Rules that allow unauthenticated traffic
The Firewall Rules section of the Anonymous User report can be particularly useful as it will tell you which rules are allowing the unauthenticated traffic through. You can then run further reports on these rules to discover more information such as the users or sites being allowed.

For web traffic, check that your 'allow' Web rules are requiring authentication. That is, instead of allow 'All Users', set it to 'Authenticated Users'. 
For non-Web traffic, the firewall client needs to be installed on your client computers. Once authenticated, their usernames will be logged.
You can also configure TMG to require all users to authenticate. To do this:
1. Open the Microsoft Forefront TMG Management console.
2. Click on the ‘Networking’ node in the left pane and select the ‘Networks’ tab in the right pane.
3. Right click on the ‘Internal’ network and select ‘Properties’.
4. Select the ‘Web Proxy’ tab and click on the ‘Authentication…’ button.
5. Select the ‘Require all users to authenticate’ checkbox.
6. Click ‘OK’ to save changes.
7. Repeat the same procedure for ‘Local Host’ in the Networks Tab.
The anonymous user also falls into the 'Unknown' department, so reducing the amount of unauthenticated traffic should also reduce the amount of 'Unknown' department activity.  

If you have run a report on your anonymous user, and you are not concerned about this type of traffic appearing in your reports, you can exclude this unauthenticated traffic from being imported into Fastvue TMG Reporter. Just enable the 'Exclude Anonymous User' filter in Settings | Import Filters.

Contact Us

  • Post a Public Question
  • Email Us
  • Chat with us

    Call Us @ 888.885.6711
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
Invalid characters found