Deploying Rawstream Network Server in an Active Directory Environment
Note Rawstream Network Server is not designed to be deployed in a Terminal Services environment. For per-user monitoring and filtering in a Terminal Services environment see Rawstream Web Filtering.
Rawstream Network Server provides on-premise DNS-based web security. Policies and reporting are by IP. To monitor or filter by Active Directory username, Rawstream AD Sync is needed to map IPs to usernames.
Installing Rawstream Network Server in an AD environment has three parts: 1. Install Rawstream Network Server on its own host or virtual machine 2. Install AD Sync on each domain controller 3. Configure DHCP to hand out the Rawstream Network Server host IPs to client devices
Devices to be filtered use Rawstream Network Server for DNS resolution which in turn forwards the DNS queries to the Domain Controllers.
This allows DNS resolution of internal resources while letting the RNS to filter by user, based on IP. AD Sync is used to map IPs to users.
Generally Rawstream Network Server is installed on its own host / VM. It cannot be installed on a Domain Controller or host providing DNS (UDP/53) services.
For redundancy multiple Rawstream Network Server instances can be deployed on a network. Setup is identical for each instance.
Rawstream AD Sync is installed on each domain controller. AD Sync updates each instance of Rawstream Network Server with the logged in users and the hosts (IPs) they are logged into.
Firewall Rules Rawstream Network Server needs access to
*.rawstream.com ports TCP/80 and TCP/443.
Installing Rawstream Network Server on Windows Server
- Install the service. The service is installed to
C:\Program Files (x86)\Rawstream\Rawstream Network Server
- Once install is complete the service will be started automatically, and a browser window will open showing the dashboard.
- Set the account token (copied from app.rawstream.com > Dashboard > Settings)
- Set the IPs of the domain controllers or DNS servers you want the Rawstream Network Server to forward DNS requests to.
Note Rawstream Network Server dashboard can be accessed at
Note Rawstream Network Server logs to
C:\Program Files (x86)\Rawstream\Rawstream Network Server\logs\
Installing Rawstream AD Sync on Windows Server
Install Rawstream AD Sycnc on each domain controller:
- Install Rawstream AD Sync
- During install you will be asked to enter the Rawstream Network Server hostnames. Enter the hostnames using a semi-colon between each hostname. Ex:
- Start the Rawstream AD Sync service
Note Rawstream AD Sync logs to the Event Viewer