SSi Service Strategies Inc.

Network Monitor

Home
Up
Product Information
Product Evaluation
Contact SSi
Site Contents
Site Search
Glossary
Notices

 

Network Monitor

Monitor Network Usage

Network Monitoring

eTrust Intrusion Detection has been engineered to more effectively monitor your network usage characteristics. Employing its extensive intrusion, attack, virus and malicious applet pattern libraries, as well as an extensive library of categorized URLs, eTrust Intrusion Detection has the ability to unobtrusively detect a broad range of events such as:

bulletUsers connecting to specific sites

bulletUsers using specific protocols

bulletSending or receiving information that includes specific keywords

bulletSuspicious network events e.g. failed login attempts

bulletAttempts at intrusion to the LAN

Monitoring Traffic Content

eTrust Intrusion Detection allows you to examine network traffic in order to understand how your network is being used and to determine which network protection policies require changes. This information is provided by numerous visualization mechanisms that include the actual eTrust Intrusion Detection console, summary and detailed reports, and custom reports using the ODBC-compliant database.

eTrust Intrusion Detection not only provides historical network usage data; it also provides real-time alerts, logs and statistics. In addition to its numerous automatic detection capabilities, eTrust Intrusion Detection enables the network administrator can quickly define those situations that merit attention in order to log details of these events, generate an alert, or block the session. The network administrator selects protocols and/or conditions that merit attention. When these conditions are met, a defined action occurs.

For example, you can define a monitoring rule to identify all Telnet sessions. When eTrust Intrusion Detection detects a Telnet session, an action occurs. The conditions for the action could include Telnet sessions that are very long, very short, have a log-in fail, or were attempted from a flagged user ID. When one of these conditions is encountered, eTrust Intrusion Detection can respond by:

bulletNotifying the user by sending an alert

bulletAdding details about the session to a log file for viewing at a later point

Monitoring Use of the Network

eTrust Intrusion Detection is a useful tool for providing LAN usage information. Through eTrust Intrusion Detection's monitoring capabilities, you can capture and subsequently display and analyze the data and statistics to be used to control and improve the functioning of the network. The following primary types of information are available:

bulletHow outside users are using your Internet connection

bulletHow internal users on your network are using the Internet

bulletHow your internal network (Intranet) is being used

bulletWhether users are complying to the company’s electronic communications policies.

Use of Internet

Based on the statistics and logging capabilities eTrust Intrusion Detection provides, you are able to get an accurate picture of how your Internet connection is being used. This information is based on the sites accessed, protocols used and the amount of data transferred by user and by time. For example, you can identify which sites are being accessed for non work-related use.

Use of Intranet

eTrust Intrusion Detection is also an Intranet surveillance tool. eTrust Intrusion Detection monitors all traffic including the traffic that is destined for the Internet or comes from the Internet. This means that not only does eTrust Intrusion Detection report Web and control usage, and detect and respond to outsider intrusion and attacks, it also provides the same services for internal server access and network usage. eTrust Intrusion Detection provides internal usage information based on NT user ID, IP address, DNS name and MAC address. As a result, eTrust Intrusion Detection administrators can, for the first time, associate Internet usage and internal network usage by user, by services accessed, by protocols used, by time of day accessed, etc.

Thus, eTrust Intrusion Detection administrators have the benefits of the industry's most comprehensive solution since it addresses both internal and external network usages which addresses the concern that more than 50% of network abuse comes from insiders.

Compliance to Company Policies

Each company has its own electronic communications policies, some of which are implicit while others are well documented. In either case, eTrust Intrusion Detection is an essential component to determine compliance or to identify the need to generate new policies or change existing policies. In eTrust Intrusion Detection these policies are contained in policy folders which contain rules for Web access, monitoring/blocking/alerting, intrusion and attack detection, malicious applets and malicious e-mail. eTrust Intrusion Detection checks all the designated traffic for the appropriate situation (condition). When a session matches the conditions in a rule, a predefined action occurs e.g. logging, blocking or alerting.

If you would like to request additional information on an eTrust network protection product or service, please click on the button below.

 

Service Strategies

Service Strategies Inc.

2392 Mount Vernon Rd

Dunwoody, GA 30338-3092

678-441-0020   800-662-1615

assist@ssimail.com

Copyright © 1998 - 2002 Service Strategies Inc. All rights reserved.
Revised: October 13, 2003.