ici-1000 internet content inspector
DESCRIPTION
Internet Content Inspector empowers your business security and operations teams by providing granular data monitoring and precise packet and session reconstruction capabilities.TRANSCRIPT
LevelOne New Product
ICI-1000 Internet Content Inspector
LevelOne ICI-1000 Internet Content Inspector empowers
your business security and operations teams by providing granular data monitoring and precise packet and session reconstruction capabilities. The solution is designed to combine process and technology into a single effective system for network forensics. Business can for the first time embrace Web 2.0 and maintain complete visibility and control, while significantly reducing total cost of ownership through device consolidation.
ICI-1000 offers real innovation by enabling unprecedented visibility and control of applications and content with no performance degradation. It identify applications accurately - regardless of port, protocol, evasive tactic or SSL encryption – and scan content to stop threats and prevent data leakage.
Why ICI-1000
Security Leaks Prevention Increase Employee Productivity Network Traffic Capturing &
Recording Analysis & Improve Network
Performance Forensic Evidences To monitor employee productivity
in the workplace To monitor employee
compliance with employer workplace policies related to use of its computer systems, email systems and Internet access
To investigate complaints of employee misconduct, including harassment and discrimination complaints
To prevent or detect industrial espionage, such as theft of trade secrets and other proprietary information, copyright infringement, patent infringement, or trademark infringement by employees and third parties
To prevent or respond to unauthorized access to the employer’s computer systems, including access by computer hackers
Session Reconstruction Most packet capture solutions and network sniffers only display raw packets and leave it to the user to decode and determine the potential problems they represent. ICI-1000 collects network traffic and reassembles it as its native session based format, enabling users to quickly and easily make business decisions based on the service it was providing. Iris users can present the actual text of an email, as well as any attachments, exactly as it was sent. It provides reconstruction of full HTML pages that end users visited and reconstruction of cookies for entry into password-protected websites. Iris will even display bi-directional instant messaging communications allowing full session reconstruction as the end user sees it.
Real Time Inspection & Protocol Supported Email, Webmail HTTP includes Links, Content Reconstruct, Upload and Download File Transfer, FTP, P2P IM/Chat includes Messenger, Yahoo, ICQ, QQ, IRC, Google Talk, etc Others: Online Games, Telnet, etc. Skype / VoIP voice message can be recorded too*
Data Capture The capture engine is designed as a service oriented architecture, permitting security professionals to gather forensic information while performing other tasks in parallel. It is designed to capture specific data via filters based on an extremely large of traffic metrics. This approach ensures that all targeted traffic is captured, regardless of whether the solution is run interactive or as a service. For capacity and service level agreement planning, ICI-1000 allows users to leverage traffic captured in one area of a network for use elsewhere, as well as for the monitoring of applications in development. Additionally, ICI-1000 allows for advanced functions such as keyword searching and protocol distribution.
Statistical Analysis ICI-1000 provides a large variety of statistical measurements, supplying information on protocol distribution, top hosts, packet-size distribution and bandwidth usage. By regularly analysing how systems and applications are being used, administrators can proactively identify and eliminate issues before they can result in downtime.
Telco Grade for the SMB ICI-1000 platform is being deployed from many ISPs across the world
*Skype / VoIP voice recording requires additional license purchase
Basic Diagram
Mirror Mode Implementation / Real-time Reconstruction
Sniffer technology is used for capturing Internet contents through port-mirroring Ethernet switch
Management port can be connected to the core switch and allow system administrator to access the system from anywhere
Reference Sites and Customers Being Implemented
Criminal Investigation Bureau The Bureau of Investigation Ministry of Justice National Security Agency (Bureau) in various
countries Intelligence Agency in various countries Ministry of Defence in various countries Counter/Anti-Terrorism Department National Police, Royal Police in various countries Government Ministries in various countries Federal Investigation Bureau in various countries Telco/Internet Service Provider in various countries Banking and Finance organizations in various
countries Others
Note: Due to confidentiality of this information, the exact name and countries of the various organizations cannot be revealed
Target Market
Education Research Institution Enterprise / Corporate Government Agency Lawful Enforcement
o Military o Police o Intelligence o National Security
Telco & ISP Services
Feature Screen Shot
Top-Down Drill Detailed Report Email (Pop3, SMTP, IMAP)
Webmail (Gmail, Yahoo Mail, Hotmail) Instant Messenger (MSN, Yahoo, IRC, GTalk)
HTTP (Web Link, Content, Source IP) HTTP Download / Upload Content
Specifications
Hardware
Processor
Intel Atom D525 Dual Core 1.8GHz CPU
Memory
2GB
Storage
2TB in 3.5 inch SATA Drive
Ethernet Port
Mirror Port 10/100/1000Mbps
Management Port 10/100/1000Mbps
Form Factor
19 inch Rack Mount
Operation Temperature
0 to 40 Celsius
Order Information
ICI-1000 Internet Content Inspector, 50 Users, One Year Free Upgrade
ICI-2000 Internet Content Inspector, 250 Users, One Year Free Upgrade
ICI-1000-PMA One Year ICI-1000 Product Maintenance Agreement
ICI-2000-PMA One Year ICI-2000 Product Maintenance Agreement