Chapter 1. Introduction


Internetworking has become the most popular form of communication, and the growing volume of Internet traffic makes monitoring and management a challenge. E-Detective intercepts email, instant messaging, web surfing, file transfers and telnet sessions. E-Detective encourages efficiency, prevents abuse of network resources, keeps confidential information from leaking, and monitors the activities of employees.

Network interception is an important way to gather communication information and digital evidence. Interception solutions capture all the traffic on the network and monitor the activity on it. They are capable of live interception, real-time recording, category classification, behaviour correction, data mining, analysis and statistics.

E-Detective is based on and optimised for the Linux OS. It provides a friendly user interface powered by a Java plug-in, and well-tuned provisioning for easy installation and start-up. E-Detective is capable of deep packet interception on high-speed IP networks, and can target a specific objective by using non-intrusive interception technology.


Benefits :
  • Track work effectiveness, prevent disclosure of confidential information, end employees' laziness and boredom, protect business rights.
  • Traffic management and utilisation monitoring.
  • Managing network access behaviour
  • Backup and reconstruction
  • Help government and law enforcement agencies neutralize threats from terrorists and criminals

Models :

E-Detective Models

| Model | FX 08 | FX 30 MBX | FX 30 MBX X2 | FX 30 MBX X3 |
|---|---|---|---|---|
| Appliance | YES | YES | YES | YES |
| IP Licenses | 10~50 | 75~150 | 200~500 | 500 and above |
| E-Mail interception [POP3/SMTP] | YES | YES | YES | YES |
| Web Mail capturing | 12 types | 12 types | 12 types | 12 types |
| Instant Message interception | MSN, ICQ, AOL, YAHOO |
| IM File transferring capturing | YES | YES | YES | YES |
| FTP capturing | YES | YES | YES | YES |
| Web browsing [URL] | YES | YES | YES | YES |
| Web browsing [Web content] | YES | YES | YES | YES |
| TELNET / BBS capturing | YES | YES | YES | YES |
| Customised reporting system | YES | YES | YES | YES |
| Full text indexing | YES | YES | YES | YES |

Please refer to “Appendix ” for the detailed specification.



Features :
  • Exclusive operating system
  • Non-intrusion mode means it is undetectable
  • Web-based management interface
  • Monitor multiple protocols
  • Access control ensures only authorized use of resources
  • Easy to define monitoring and alerting rules
  • Centralized monitoring of local and remote stations
  • Quick search function
  • Useful management reports
  • Data backup and recovery solution

Network Access Behaviour Controlling in Enterprises :
1. Recording and Alarm
2. Filtering and Intercept

Purpose
  • Recording and Alarm: recording and alarm
    * pros: complete recording and alarm specifying
    * cons: no interception, only capturing
  • Filtering and Intercept: real-time filtering and intercept
    * pros: real-time interception and leak prevention
    * cons: filtering policy is difficult to define

Users
  Management level
    * pros: all traffic is monitored without impact on network operation
    * pros: warrant is approved by authority
    * cons: traffic lag could impact the network

Features
  • Recording and Alarm: monitoring and management
  • Filtering and Intercept: content filtering and investigation

Approaches
  Sniffer Listen Mode / Bridge Mode Relay Mode

Support
  Support POP3, SMTP, Web Mail
  Recording inbound and outbound emails


E-Detective advantages :
E-Detective is a flexible, policy-based and non-intrusive network access behaviour monitoring solution. An alarm is issued when a violation occurs.