The X-Forwarded-For (XFF) HTTP header is an industry standard to find the IP address of a client machine connecting to the web server via a HTTP proxy. In the past there was no X-Forwarded for functionality for IIS web serve and ISA server proxy facility. This function was available in other proxy infrastructure like for Apache, Cisco cache engine, F5,Blue coat and Squid etc. Winfrasoft X-Forwarded-For is built for ISA and IIS server. So now you can happily add X-Forwarded-For functionality to your IIS Web Serve or ISA Server proxy infrastructure. With this you can log as well as track the IP address of a Client PC and this is possible with the help of chain to the web server from a proxy server. This will be more productive for analyzing the log reports.
This functionality is extremely useful in a scenario where branch offices are connected to one another with a proxy server located at the head office and when you need for exact IP address of the client on the web server. This will help you to generate more acurate reports and helps you in analyzing your data more clearly.
The new version of X-Forwarded-For(XFF) for IIS has got many features which is a result of series of requests from its customers. It is equipped with support for list of trusted proxies. The new version supports the logging of Layer 4 IP data and X-Forwarded-For data. To use the application you need to have Microsoft 2008 along with IIS 7.0.
When it comes to the other variant which is meant for ISA, the X-Forwarded-For for ISA Server is packed with support for even reverse proxy conditions and works fine with Web publishing for HTTP and SSL connections. Proxy chains that have more than two server in both of its directions.
It can be easily used in sync with third party products, provided they follow the standard specified by the X-Forwarded-For. Finally to use XFF you need to have ISA server 2004 running. Its working is based on IIS web server logging service; it makes forward requests of proxy to the ISA server when needed and even receiving such requests of proxy towards the ISA server. X-Forwarded-For for IIS logs the REAL client IP address droppping the spoofed header information. When it comes to security issue, it has addressed them well. Consider a scenario with forward proxy in case if ISA sever does not support web chaining then it helps you to avoid the server names used internally to be disclosed to the Internet. But you should not completely trust XFF header information when the data comes from outside as it is not signed. In those cases you can use the proxy trust list to avoid XFF spoofing.
You can Download it Here