High-speed network data protocol analysis system
High speed network data protocol analysis system
Cyber security is an important issue related to national security and sovereignty, social stability, and the inheritance and development of national culture. ...
Network security is essentially information security on the network. The specific meaning of cyber security will change as the "angle" changes. For example, from the perspective of users (individuals, enterprises, etc.), they hope that information related to personal privacy or business interests is protected and monitored by confidentiality, integrity, and authenticity when transmitted on the network.
For security and secrecy departments, they hope to carry out network information monitoring on illegal, harmful or state-secreted information to avoid the leakage of confidential information, avoid harm to society, and cause huge losses to the country.
The efficient network data protocol analysis system consists of two functions, namely the traffic distribution device and the application protocol identification network abnormal behavior monitoring system. The traffic diversion device can divert different applications to different terminal analysis devices through accurate identification of Internet applications. The system application protocol audit equipment identifies, records, and alerts content such as website access, search engines, email sending and receiving, website posting, and file transmission through a comprehensive identification function, and can display statistics in real time. At the same time, different back-end subsystems can be added according to different needs, such as encrypted traffic, unknown traffic subsystem, and strong scalability.
Web applications such as e-mail, live chat, and forum postings provide great convenience for people to communicate information, but they can also become a tool for employee leaks. Some sensitive data and important information may be transmitted to the outside "easily and quickly" through the network, causing significant losses to relevant parts.
At the same time, a large number of users on the network use encryption protocols or VPNs for file transmission. As the audit systems in the current market cannot audit the content of files transmitted using encryption protocols, the audit systems in the current market cannot audit the content of files transmitted using encryption protocols. This makes auditing these flows more difficult. At the same time, it can expand some unidentified protocol network traffic, which may be caused by network Trojans, viruses, or some non-standard custom application protocols. The content of the traffic may contain illegal data theft or other illegal operations. Keep data on encrypted and unidentified traffic, and check the content of the corresponding files by other methods for easy verification.
Powerful application protocol library, supporting accurate identification of 1400+ application protocols. ...
(3) The identification and distribution of the accuracy protocol is not based on the port number.
(4) A powerful URL library that supports identification of more than 30 million URLs, displaying comprehensive and real-time monitoring of website browsing.
Product parameter Spec
Product parameters ...
2. Content audit: email receiving and sending audit, IM audit, forum posting audit, search engine keyword audit, HTTP file transfer audit, FTP file transfer audit, TELNET content audit. ,
3.Encryption protocol identification, including GRE, ESP, AH, RADIUS, IKE, CMP, Kerberos, L2TP, PPTP, VPN, Kink, SSH, SSL
4, more than 30 million URLs identified
5. Traffic recognition and distribution equipment supports multiple mirroring of traffic.
6. Bypass mirroring will not affect normal network access.
Public network exits for all governments, military and businesses. ...