
E - Detective Ethernet LAN Interception System (with Real-Time Content Reconstruction) - 2010

E-Detective Ethernet LAN Interception System (with Real-Time Content Reconstruction) - 2010. Decision Group, www.edecision4u.com. Introduction to E-Detective: LAN Internet Monitoring, Data Retention, Data Leakage Protection & Network Forensics Analysis Solution.


Presentation Transcript


  1. E-Detective Ethernet LAN Interception System (with Real-Time Content Reconstruction) - 2010. Decision Group, www.edecision4u.com

  2. Introduction to E-Detective: LAN Internet Monitoring, Data Retention, Data Leakage Protection & Network Forensics Analysis Solution.
     Solution for:
     • Organization Internet Monitoring/Network Behavior Recording
     • Auditing and Record Keeping for Banking and Finance Industry
     • Forensics Analysis and Investigation
     • Legal and Lawful Interception (LI)
     • Mediation Platform & Tactic Server for Telco Operator
     Compliance Solution for: Sarbanes-Oxley Act (SOX), HIPAA, GLBA, SEC, etc.
     E-Detective Standard System Models and Series (appliance based): FX-06, FX-30N, FX-100, FX-120. Users can also opt to purchase a software license only from us and use their own hardware/server.

  3. E-Detective System Architecture. Stages shown: Capture Packets (using port-mirroring or SPAN port); Reassemble & Decode; Reconstruct Back to Actual Content; Store, Save, Archive; Display Reports. Traffic types shown: Email, Webmail, IM/Chat, HTTP, File Transfer, Telnet.

  4. E-Detective – Mirror Mode Implementation Organization or Corporate Network Deployment

  5. E-Detective – Bridge Mode Implementation

  6. E-Detective Lawful Interception Solutions Telco/ISP Lawful Interception

  7. Data & Network Protection in Company
     • Central Management System (CMS) for aggregation and centralized management, accessible by CISO
     • N x E-Detective Systems for online real-time construction on targeted users or IPs in different departments or subnets
     • NAS/SAN storage for long period data retention
     • Compliance with: Basel II – risk management; Sarbanes-Oxley – insider transaction prevention & anti-corruption; GLBA – customer information protection
     Diagram labels: Internet; Branch Office; Data Center of HQ; T1/E1, 1G and 10G links; VPN (Edge Router); Firewall (Edge Router); Core Switch; E-Detective; Bank IT Security Officers.

  8. Collocate Services for ISPs. Cloud Computing Model: ISP provides private VPN service, collocate services with e-Behavior and e-Total Control Management, and server farm & data storage service for customers.
     Diagram labels: Internet; Data Center of ISP; Firewall (Edge Router); Private VPN Gateway; VPN (Edge Router); e-BMS or e-TCS; Server Farm & NAS/SAN storage for long period data retention; T1/E1, FTTX, xDSL links; Customer Office; Private VPN Scope; Clients.

  9. E-Detective Sample Screenshots - Reports Homepage – Top-Down Drill to Details Reporting

  10. E-Detective Internet Protocols Supported: Email; Webmail; HTTP (Link, Content, Reconstruct, Upload, Download); IM/Chat (Yahoo, MSN, ICQ, QQ, IRC, Google Talk, etc.); File Transfer (FTP, P2P); Others (Online Games, Telnet, etc.)

  11. Sample: Email (POP3, SMTP and IMAP)

  12. Sample: Webmail – Yahoo Mail, Gmail, Hotmail, etc. Webmail Type: Yahoo Mail, Gmail, Windows Live Hotmail, Giga Mail and others

  13. Sample: IM – Yahoo, MSN, ICQ, IRC, QQ, GTalk, etc.

  14. Sample: File Transfer – FTP Upload/Download

  15. Sample: File Transfer – P2P File Sharing. Supports P2P such as BitTorrent, eMule/eDonkey, FastTrack, Gnutella

  16. Sample: HTTP (Web Link, Content and Reconstruction). Whois function provides you the actual URL link IP address. HTTP web page content can be reconstructed.

  17. Sample: HTTP Upload/Download

  18. Sample: HTTP Video Streaming (FLV Format). Playback of video file. Video stream (FLV format): YouTube, Google Video, Metacafe.

  19. Sample: Telnet Session (with Play Back)

  20. Sample: VoIP Calls (with Play Back). Play back of reconstructed VoIP audio file using Media Player. Supports RTP codecs such as G.711 a-law, G.711 µ-law, G.726, G.729, iLBC

  21. Sample: Unknown or Non-Reconstructable

  22. Admin: System Access Authority Assignment. Authority – Visibility and Operation in Group (with User defined). Panels: Authority - Visibility; Authority - Operation; Authority Groups with Users

  23. Export & Backup – Auto (by FTP) and Manual. Auto (with FTP) Backup; Manual Backup: Download ISO or Burn in to CD/DVD. Reserved Raw Data Files and Backup Reconstructed Data. Comes with Hashed Export Function

  24. Alert and Notification – Alert with Content Alert configured from different service categories and different parameters such as key word, account, IP etc. Alert can be sent to Administrator by Email or SMS if SMS Gateway is available. Throughput alert function also available!

  25. Search – Free Text, Condition, Association. Complete Search – Free Text Search, Conditional Search, Similar Search and Association Search

  26. File Checksum (Hash) – Check File Content Integrity. Shows the file lists; the user can import files to check and compare them with the files that have been captured by the system, comparing file content integrity. An abuser might have changed a file name and sent the file out to a competitor.

  27. Bookmark (for Review Next Time) Bookmark items and allow the review of the items. Bookmark items can also be exported.

  28. Reporting – Network Service Usage - Daily Drill Down Reporting Capabilities

  29. Reporting – Network Service Usage - Weekly Drill Down Reporting Capabilities

  30. Reporting – Top Websites Viewed (Users)

  31. Reporting – Online IP – Account Lists

  32. Reporting – Daily Excel Log Report. Manually or automatically generate the daily log report in Excel file format.

  33. High Availability
      • 2 ways of high availability configuration based on customer requirement
      • Single and simple cluster configuration for small and mid-size network structure
      • Multiple and complex cluster configuration for large or ISP network structure with real-time performance
      • Site survey and customer requirement in advance

  34. High Availability Option 1
      • Single and Simple Cluster Configuration: under a mid-size network structure, E-Detective in cluster configuration can ensure the high availability requirement
      • No Single Point of Failure!
      • Redundancy Design in Server
      Diagram labels: Network Backbone (Mirror or Bridge Connection); Heartbeat Line; Data Reconstruction Server Cluster (Connected to Network with Single IP), Active and Stand-by; Fiber Channel Switches; Dual-Loop Fiber Channel Connection; SAN Storages.

  35. High Availability Option 2
      • Multiple and Complex Cluster Configuration: under a large network structure, E-Detective can be implemented as sniffer probes and a data reconstruction server cluster to ensure real-time performance and high availability
      Diagram labels: Network Loop 1 (Mirror or Bridge Connection); Network Loop 2; Network Sniffer Probe Group; Data Reconstruction Server Cluster (Connected to Network with Single IP), Active and Stand-by (Redundancy Design in Server); Heartbeat Line; Dual-Loop Fiber Channel Connection; Fiber Channel Switches; SAN Storages.

  36. References – Implementation Sites and Customers
      • Criminal Investigation Bureau
      • The Bureau of Investigation Ministry of Justice
      • National Security Agency (Bureau) in various countries
      • Intelligence Agency in various countries
      • Ministry of Defense in various countries
      • Counter/Anti Terrorism Department
      • National Police, Royal Police in various countries
      • Government Ministries in various countries
      • Federal Investigation Bureau in various countries
      • Telco/Internet Service Provider in various countries
      • Banking and Finance organizations in various countries
      • Others
      Notes: Due to confidentiality of this information, the exact name and countries of the various organizations cannot be revealed.

  37. Thank You ! E-Detective Online Demo https://60.251.127.208 (root/000000) Decision Group www.edecision4u.com
