|
| |
 |
 |
Cybervision Network Security Audit System is designed and developed by Venus Information Tech Inc.. The system collects, analyzes and recognizes network data streams through the tapping mode. By monitoring network status in real time and recording network events, it finds security vulnerabilities and analyzes, stores, audits and replays related information of network activities.
→ Product Framework
Cybervision Audit System is composed of the following three parts:
• Network audit engine: appliance with 10/100/1000Mbps NIC
• Data management center
• Audit center
A data management center can have multiple network audit engines; each engine can be managed by only one data management center. One audit center can connect to multiple data management centers.
→ Product Functions
Audit
• Mail Transfer and Receiving Protocols (SMTP/POP3) Audit
Cybervision Audit System can record email information, Inc.luding time, address, names of attachments, senders and receivers; and it can replay the content of sent and received mails.
• Web Browsing (HTTP) Audit
Cybervision Audit System can record web information accessed by users, Inc.luding times, addresses and domain names; and it can replay the content of the browsed web pages.
• File Sharing (NetBios) Audit
Cybervision Audit System can audit file sharing services based on NetBios protocol under the environment of Windows network, monitor and record in real time the file sharing operations implemented by network users for the network resources and replay the file sharing operation commands.
• File Transfer (FTP) Audit
Cybervision Audit System can record remote login times, users' operations, such as read, write, add, modify and delete, on the FTP server and replay the whole operation process.
• Remote Access (TELNET) Audit
Cybervision Audit System can record remote login times and users' operations on the TELNET server and replay the whole operation process.
• Database(RACLE/SQLServer/Sybase)peration Audit
Cybervision Audit System can monitor and record users' database operations, such as read, write, query, add, modify and delete, and replay the database operation commands.
• Flow Audit
Cybervision Audit System can display the Netflow data variation in the network in real time according to different protocols and self-defined modes.
Netflow Collection Monitoring
Monitors data packet flows and data byte flows of various protocols such as TCP, UDP, ICMP and IGMP.
Intranet Host Flow Monitoring
Monitors the flows on each host in the intranet independently.
Monitor Text Content in Real Time
Cybervision Audit System can check key words in web pages and email text contents based on the user-defined dictionary. It issues alerts if keywords are matched.
Blacklist
The users can define a blacklist for hosts. Cybervision will attach importance to monitoring of the hosts and network actions in the blacklist and display activities of the hosts in the blacklist on audit centers in real time.
Report Analysis
• Query and Analysis of Audit data
Cybervision Audit System can perform operations of query, sum, management and maintenance of the audit data according to audit records and operator privileges. It can search the audit data by the combinations of keyword strings of the time, protocol, IP, sender, receiver, login name, page URLs.
• Reporting
Cybervision Audit System provides rich report query functions and can query and search by the combinations of keyword strings of the time, protocol, IP address, sender, receiver, login name and website name. Reports can be exported as HTML or EXCEL files.
|
 |
|
 |
|
