E-Detective Ethernet LAN Interception System (with Real-Time Content Reconstruction) - 2010
Decision Group
www.edecision4u.com
Introduction to E-Detective
LAN Internet Monitoring, Data and Record Keeping & Network Content Forensics Analysis Solution
Solution for:
Organization Internet Monitoring/Network Behavior Recording
Auditing and Record Keeping for Banking and Finance Industry
Forensics Analysis and Investigation, Legal and Lawful Interception (LI)
Compliance Solution for: Sarbanes-Oxley Act (SOX), HIPAA, GLBA, SEC, NASD, E-Discovery, etc.
E-Detective Standard System Models and Series (Appliance based)
FX-30N, FX-06, FX-100, FX-120
Users can also opt to purchase only a software license from us and use their own hardware/server.
Email, Webmail, IM/Chat, HTTP, File Transfer, Telnet
Using port-mirroring or SPAN port
E-Detective System Architecture
Display Reports
Capture Packets
Reassemble & Decode
Reconstruct Back to Actual Content
Store, Save, Archive
E-Detective Architecture
E-Detective – Mirror Mode Implementation
Organization or Corporate Network Deployment
E-Detective – Bridge Mode Implementation
E-Detective Lawful Interception Solutions
Telco/ISP Lawful Interception
E-Detective Sample Screenshots - Reports
Homepage – Top-Down Drill to Details Reporting
IM/Chat (Yahoo, MSN, ICQ, QQ, IRC, Google Talk, etc.)
Email, Webmail
HTTP (Link, Content, Reconstruct, Upload, Download)
File Transfer: FTP, P2P, Others
Online Games, Telnet, etc.
E-Detective Internet Protocols Supported
Sample: Email (POP3, SMTP and IMAP)
Sample: Webmail – Yahoo Mail, Gmail, Hotmail etc…
Webmail Type: Yahoo Mail, Gmail, Windows Live Hotmail, Giga Mail and others
Sample: IM – Yahoo, MSN, ICQ, IRC, QQ, GTalk etc…
Sample: File Transfer – FTP Upload/Download
Sample: File Transfer – P2P File Sharing
Supports P2P such as BitTorrent, eMule/eDonkey, FastTrack, Gnutella
Sample: HTTP (Web Link, Content and Reconstruction)
The Whois function provides the IP address of the actual URL link.
HTTP web page content can be reconstructed.
Sample: HTTP Upload/Download
Sample: HTTP Video Streaming (FLV Format)
Video Stream (FLV format): YouTube, Google Video, Metacafe.
Playback of Video File
Sample: Telnet Session (with Play Back)
Sample: VoIP Calls (with Play Back)
Playback of the reconstructed VoIP audio file using Media Player.
Supports RTP codecs such as G.711 a-law, G.711 µ-law, G.726, G.729, iLBC.
Sample: Unknown or Non-Reconstructable
Admin: System Access Authority Assignment
Authority – Visibility and Operation in Group (with User defined)
Authority - Visibility
Authority - Operation
Authority Groups with Users
Export & Backup – Auto (by FTP) and Manual
Auto (with FTP) Backup
Manual Backup
Download ISO or burn to CD/DVD
Reserved raw data files and backup of reconstructed data come with a hashed export function.
Alert and Notification – Alert with Content
Alerts can be configured from different service categories and different parameters such as keyword, account, IP, etc.
Alerts can be sent to the Administrator by email, or by SMS if an SMS gateway is available.
A throughput alert function is also available!
Search – Free Text, Condition, Association
Complete Search – Free Text Search, Conditional Search, Similar Search and Association Search
Conditional Search
Free Text Search
Association Search
File Checksum (Hash) – Check File Content Integrity
Shows the file list; the user can import files to check and compare them with the files that have been captured by the system.
Compares file content integrity. An abuser might have changed a file name and sent the file out to a competitor.
Bookmark (for Review Next Time)
Bookmark items to allow them to be reviewed later. Bookmarked items can also be exported.
Reporting – Network Service Usage - Daily
Drill Down Reporting Capabilities
Reporting – Network Service Usage - Weekly
Drill Down Reporting Capabilities
Reporting – Top Websites Viewed (Users)
Reporting – Online IP – Account Lists
Reporting – Daily Excel Log Report
Manually or automatically generate the Daily Log Report in Excel file format.
References – Implementation Sites and Customers
Criminal Investigation Bureau
The Bureau of Investigation Ministry of Justice
National Security Agency (Bureau) in various countries
Intelligence Agency in various countries
Ministry of Defense in various countries
Counter/Anti Terrorism Department
National Police, Royal Police in various countries
Government Ministries in various countries
Federal Investigation Bureau in various countries
Telco/Internet Service Provider in various countries
Banking and Finance organizations in various countries
Others
Notes: Due to the confidentiality of this information, the exact names and countries of the various organizations cannot be revealed.
E-Detective Online Demo https://60.251.127.208 (root/000000)
Decision Group www.edecision4u.com