Shulou(Shulou.com)06/01 Report--

Nanjing Mingdai Network supplies Youwang AboCom CR series (professional online record audit system) | detailed product features ◎ can record a variety of network behavior content at the same time, network activities can all record network users' HTTP, IM, FTP, Telnet/BBS, Mail (SMTP, POP3), Webmail (Web SMTP/POP3) and other Internet service content. Provide equipment existing records or backup data to query with keywords, and the found data can be browsed directly to facilitate the reorganization and restoration of historical records. ◎ system setting and remote management built-in Web UI setting management interface (complex / simple Chinese, English), providing HTTP (SSL online encryption), CR product setting management can be completed through the browser Provide remote monitoring and firmware (Firmware) update function, support SNMP network management protocol. ◎ graphical various statistical analysis reports CR products provide graphical network traffic reports, real-time and historical statistical reports, TOP N statistical ranking reports and abnormal event analysis reports, providing managers with a grasp of the normal use of the enterprise network. ◎ usage analysis or historical usage statistics ranking color scroll bar design, you can count the usage traffic of the day or at any time in the past, and list the traffic ranking (TOP N) by user and service name. Traffic rankings can tell who, when and what Internet services take up network bandwidth. In a specific period of time, network administrators can clearly see the network traffic at that time, and easily grasp the frequent usage and usage of the enterprise network, if there is an abnormal increase in network traffic (gale virus, network worm, DoS attack.), or abnormal decrease (poor quality of external lines, line failure …) The situation, the network management personnel can immediately know the warning, make the way to deal with the situation. ◎ clicks on Today's record and immediately displays the user's network record on that day to know the Internet situation or network activity of a specific employee on that day. The system can record all the user's network activities on that day, and the network administrator can know at a glance from this function, and there is no need to switch and correspond to various service records. ◎ hierarchical group authorization and management (humanized group management) set up group administrators according to different departments or executive classes, set which departments or groups can be monitored according to different levels, and set different record browsing and management permissions. With the enterprise hierarchical group management style, hierarchical authorization management and control, it is easy to grasp the use of the enterprise network and information security audit. ◎ intelligent record optimal capacity setting prompt system will convert the best storage time of each service record according to the usage of various services in the enterprise network. (for example, if the daily mail flow in the enterprise network is high, the system will propose to the network administrator that the retention period of the mail should be revised down to a smaller date.) And can display the total capacity of the hard disk, usage space, remaining space and percentage of use and other information. For User Name or Service Name monitoring, ◎ can monitor its network activity content for a single user, such as HTTP, IM, FTP, Telnet, BBS, Mail (POP3, SMTP), Web Mail … Or monitor the network activity content of all users according to the above single service record. ◎ automatically add users and list management system can automatically add users, network managers can also type their own. In addition to automatically recording the user's computer name, the network administrator can also define the user's name to facilitate the observation of the records saved by the CR products. You can set up the user name of the IP address by yourself, or bind the IP address with the MAC address. In the future, you can directly use the user name as the setting management. At the same time, you can use the user account name of AD Server unified authentication as the user record, which is convenient for enterprises to control and monitor. The user list can be selected with the user's IP or MAC. a. Combined with IP address: the user list is combined with IP, which is suitable for enterprises where the user's IP is fixed. b. Combined with MAC address: the user list is combined with MAC, which is suitable for enterprises whose IP is not fixed (using DHCP to obtain IP automatically). The user list combined with the function of MAC can avoid the problem of intentional people stealing other people's IP. The ◎ remote backup (Remote Backup to NAS/File Server) system can set the backup time, automatically back up the recorded data to the remote File Server or NAS, and query the records anytime and anywhere. ◎ record the URL address or details of web browsing (HTTP). Record all web pages visited by computers on the Internet (including URL, IP, Host..). Including who, when and what web pages have been visited. Click the record on the management interface to access the page directly. ◎ records E-Mail transceiver (SMTP, POP3, IMAP) and Webmail (Web SMTP, Web POP3) automatically back up all incoming and outgoing letters (recipient, sender, email purport, email text, additional files), and can be kept for a long time for system administrators to read or track. If the original file of the letter is damaged, it can also be archived and recovered from the stored backup letter. Can record the use of web pages to receive Webmail content, such as: AboCom, Hinet, Seednet, Yahoo, PCHome, Yam, Gmail, HotMail, Sina, Sohu, 163,263 … . Wait. The mail saved by the ◎ direct "view / forward" mail system can be viewed directly in the Web UI management interface or forwarded to a designated mail account. ◎ records Telnet and BBS online content records Telnet and BBS online content, such as source / destination IP, online login and logout behavior records, and can be presented in the original text playback mode. ◎ records FTP file transfer and related information detailed records of each FTP upload / download file transfer record, including user name, source / destination IP, time, file name and other related information, easy for administrators to track And can record the date, time, IP of the user computer, user name, uploaded or downloaded files and so on. ◎ records IM real-time communications and transmits and receives archival records of real-time communications (MSN, Yahoo Messenger, ICQ, QQ …) The conversation content, transmission files, IP and nicknames of both parties can be used to search the real-time communication content by using IP address, user name, date and keyword, etc. (contains records that IM sends and receives files), including MSN that records through Proxy or Web mode. ◎ records the two-way text and voice conversation of Skype real-time communication, which can record the text message and voice of Skype real-time communication. The voice conversation is recorded by stereo dual channel, the left channel records the voice of internal users, and the right channel records the voice of remote users. The left and right channels are completely separated, and the problem of information security incident occurs in the future, which can be used to audit the left certificate. ◎ IM Real-time Communication Management provides Authentication function administrators can require users to pass authentication authorization before using IM, otherwise IM will be blocked online, and can also be set whether authentication authorization, audit, or conversation or file transfer is required. Wait for authority control. ◎ IM, P2P and filtering control of network application software (Block IM, P2P, Tunnel, On-Line Game …) CR products are used in Bridge (In-Line) Mode, and managers can set filter control conditions for IM, P2P and other network applications. This controls the use of IM, P2P, online games, audio-visual software, wall-piercing software, remote control and other network application software (the signature of network application software can be updated in real time through Internet). ◎ website filtering Control (URL Filter & URL Block) provides the most advanced website category cloud database (trial or optional services), black / whitelist (URL Block) and other website filtering control mechanisms and statistical analysis reports, providing detailed records. Assist managers to follow-up monitoring and management and data storage, so as to adjust the network information security use policy. Through the website category cloud database (URL Filter) mechanism, all the pages of Internet are divided into 8 categories (illegal websites, pornographic sites, games / games, social / economic, interaction / services, leisure / hobbies, education / new knowledge, other categories), a total of 64 sub-projects. As long as you check the categories of websites that need to be filtered or released, you can easily perform corporate user filtering to control the browsing of websites (pages). Through the website filtering (URL Block) mechanism: you can use wildcards (Wildcard: *,?) or use keywords (Key Word) to create a blacklist / whitelist to restrict users from browsing sites (pages) that are indecent or pornographic, or to allow users to visit only specified sites (pages). ◎ event logging and warnings provide event logging (Event Log) and warning (Alert) functions, when abnormal events occur, you can actively send E-mail to the manager. ◎ supports network service protocols TCP, IP, UDP, ICMP, HTTP, HTTPS, SNMP, FTP, TFTP, SMTP, POP3, Telnet, DNS... Wait. ◎ supports multi-language UTF-8 coding and multi-language UTF-8 coding, making it easy for CR products to present records in multiple languages at the same time, which is suitable for Internet and multinational enterprises with frequent transactions. ◎ abnormal Traffic Detection and warning (Anomaly Flow IP) provides abnormal traffic and internal poison detection and warning functions. When a large number of packets are sent to the enterprise network in an attempt to paralyze the enterprise network, CR products will block the attack and notify managers and users. Let the manager know the abnormal situation of the network in real time, and make the relevant response immediately. ◎ regional joint defense Zone Defence (user poisoning or abnormal traffic warning notification and blocking isolation) when the user is suspected of poisoning or abnormal traffic, CR products immediately guide the block domain joint defense (Zone Defence) mechanism, directly issue ACL instructions to network switches with ACL instructions, and automatically block and isolate their packet transmission. And immediately send a warning to the user and administrator before quarantine. (including Mail notification to the manager) and recorded in Log for audit and review. [@ more@]

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.