Wednesday, April 6, 2011

How to supervise, monitor, restrict, and respond to unwanted user behaviors on your network in real-time as they occur


As its name implies, Network Enforcer is a network behavior enforcement tool. Network Enforcer monitors, responds to, and prevents unwanted behaviors from happening on your network in real-time. Network Enforcer allows you to prevent and protect your network from inappropriate behavior, and malicious activities in real-time, the instant they occur. If an action occurs on your network that you do not want to happen Network Enforcer can alert you immediately, or it can act on its own and block the action outright. Network Enforcer can monitor, filter, restrict, and respond to the following behaviors: 



Network Enforcer solves the problems that come with traditional user activity monitoring and logging software:


Problem #1: The "needle in the haystack" - trying to find the "bad" in all the "good" activity logs
With Network Enforcer, you will never miss an unwanted behavior that has occurred on your network, while never having to sort through tons of log data to find them. You will never have to search countless logs for a few unwanted behaviors, and possibly overlook them in the process. You will never have to search for that "needle in the haystack" again when trying to find unwanted behaviors hiding within thousands of appropriate user behaviors that occur every day.

Problem #2: Privacy invasion - logging everything users do, good or not
With Network Enforcer, you will not have to worry about violating your network users' privacy, as Network Enforcer only logs behavior filter violations and behaviors that you are concerned with.

Problem #3: Passive security - does not allow you to react immediately high security threats and behaviors
Unlike conventional activity monitoring tools, Network Enforcer allows you to respond IMMEDIATELY to unwanted behaviors and security violations the instant they occur on your network. Would you rather find out a critical document has been leaked days after it happened, or immediately as the user is saving the file?
An example scenario of data theft, protected by conventional activity monitoring software:
An employee accesses a confidential finance report that should not be accessed and sees critical information. The user then closes the file and copies it to a thumb drive and leaves the scene. The network administrator logs in the next morning and views activity logs and luckily catches the event and takes appropriate action, but the damage is done.

The same scenario with Network Enforcer:
The employee opens the confidential finance report and triggers a high-security Network Enforcer behavior filter. The network administrator is alerted in real-time, and via email, the computer is then locked down automatically by Network Enforcer within moments of the user opening the file - without the administrator having to do a thing.
 How It Works
Supervise.

What if you could place a supervisor behind each user on your network that made sure users stayed on task and did not perform unwanted behaviors? Now, what if you could do that in a cost-effective manner, without violating each user's privacy? Ascendant Network Enforcer represents the latest in network trust and security software that allows you to do just that. While running invisibly on each computer on your network, Network Enforcer watches what users do and reacts accordingly depending on what behaviors you have set to be unwanted on your network. Network Enforcer allows you to create behavior filters that apply to every computer on a network, or only specific computers, giving you complete control over user behaviors.

Network Enforcer does not log unnecessary user activity - it only logs events that trigger behavior filters you tell it to watch for. If a user sends an email with an unauthorized attachment, for example, Network Enforcer will only log data relevant to that email. Gone are the days of having to sift through thousands of harmless user activity logs while searching for unwanted behaviors. Network Enforcer assumes users are trustworthy, and only watches for the undesired behaviors you tell it to. Network Enforcer supervises, and allows you to filter the following behaviors:

Programs Executed
Network Enforcer can watch every program and application that is ran by users and respond accordingly. Network Enforcer can tell you what the exact program was that the user ran, and when.

Website Visits
Network Enforcer can watch every website that is visited by users and respond accordingly. Network Enforcer works with all popular browsers including Internet Explorer, Firefox, Mozilla, Opera, AOL, and Netscape.

File and Document Usage
Network Enforcer can watch over and respond to every file action that occurs on your computers - including file creations, modifications, deletions, and openings. If a user connects a portable thumb drive to the computer, Network Enforcer will watch activity on that drive also, as to prevent data theft.

Email Activities
Network Enforcer can watch all POP3 and SMTP email activity and alert you when emails are sent outside of your network domain, when emails contain specific recipients, domains, or senders, when emails contain certain subjects, or even when emails contain unwanted or insecure attachments.

Keystroke Phrases Typed
Network Enforcer can watch and respond to every single keystroke that users type and check to see if they type specific phrases that you want to watch for - such as passwords, names, addresses, top secret information, and more.

Windows Opened
Network Enforcer can watch and respond to every window users interact with on their computer. By specifying window titles or captions to watch for, Network Enforcer can track any window activity.

Internet Connections
Network Enforcer can watch every internet connection (incoming and outgoing) established on your computers, and alert you when unwanted connections to/from certain hosts, ports, or protocols are made.


Restrict.

When Network Enforcer sees users violating specific behavior filters by using unwanted programs and applications, websites, windows, chat clients, or even typing a specific keystroke phrase it can instantly restrict the behavior by closing the application, website, window, or chat client causing the violation. Network Enforcer can be configured so only more threatening and severe behaviors are restricted, while less threatening ones are not.

Network Enforcer allows you to restrict and block the following activities:

Block Program and Application Usage
Network Enforcer can block any application you want it to whenever a user runs it, preventing unauthorized application usage and time wasting.

Stop and prevent Website Visits
Network Enforcer can block specific websites from being visited, frequented, and used, preventing wasteful web-browsing, and the presence of indecent material on your network.

Eliminate and Stop Typed Keystroke Phrases
Network Enforcer can detect when specific keystroke phrases are typed and immediately close the window or program they are being typed in, preventing data leaks.

Block and Close Windows Opened
Network Enforcer can block any window containing a specific caption or title and prevent it from being interacted with.

Eliminate and Block Chat Client Usage
Network Enforcer can block popular chat clients from being used at all, preventing and circumventing a common avenue for data and intellectual property leaks.


Respond.

Network Enforcer categorizes all behavior filters under three security levels, allowing you to be alerted when a user has violated a handful of lesser, low security behavior filters, or when a user has violated a single high security filter. Network Enforcer's security thresholds allow you to take action and respond to immediate high security threats, while allowing you to be alerted otherwise only when users are repeatedly violating a number of low security filters. Network Enforcer has various response actions that kick in immediately when a user violates enough behavior filters to meet a security level's threshold. Network Enforcer's management software allows you to react instantly by issuing remote administration commands to the violating computer, in real-time.

Network Enforcer can directly respond in the following ways:

Alert you in Realtime as Filters are Violated
Network Enforcer can alert you via the Network Enforcer management interface in real-time by telling you what user and computer triggered an event, and what security level the event was so you can respond instantly via the remote administration commands within Network Enforcer.

Instantly Lockdown, Shutdown, Reboot, or Logoff the Computer
Network Enforcer can react on its own immediately when a security threshold is met by locking the computer down so the user cannot do anything. It can also shutdown, reboot, or logoff the computer as well, preventing any further filter violations.

Email you an alert message when filters are violated
Network Enforcer can email you, or a list of recipients, when a security threshold is met. Even if you are off-site and not on your network you will be alerted right away when filters are breached.

Alert the user that they violated a behavior filter
Network Enforcer can alert the user that they have just violated a behavior filter and should refrain from doing so again. This message is customizable.

Respond via Realtime Remote Administration Commands
Network Enforcer allows you to respond via various remote administration commands in the Network Enforcer interface. These commands allow you to send a message to a computer (or all computers on your network at once), lock/unlock a computer, shutdown, reboot, or logoff a computer, and view the desktop of the remote computer in real-time.


Report.

Network Enforcer has built-in reporting tools that create easy-to-read portable behavior reports that can be printed and presented. Ranging from brief network-wide computer behavior summaries, to in-depth behavior filter alert reports broken down by security levels, Network Enforcer can quickly create the reports you need for protecting your network. All reports are able to be customized with custom searches and date filtering.

Network Enforcer can create the following reports:
Complete or Brief Overview of All Computers
Network Enforcer can create a brief summary that shows each computer and how many filters they have violated, or a complete report on each computer on your network, detailing every filter violation for each computer, and tying it all together with a table of contents.

Most Active Computers
Network Enforcer can create a report detailing the most active computers on your network in terms of filter violations. The report will rank the computers in order according to how many violations each computer has.

Security Level Reports for All or Individual Computers
Network Enforcer can create reports for all computers, or single computers detailing only specific filter events by security level. These reports can be filtered by date. For example, you can create a report showing all high security events on your network on a specific date.

Detailed and Customizable Computer Reports
Network Enforcer can create reports for all computers, or a single computer, detailing every filter violated. These reports can be customized and filtered by date, search queries, users, and more. For example, you can create a report showing all application filter events for all computers, or a single computer, on a specific date.


  • Windows NT/2000/XP/Vista (32 and 64 bit)
  • 2MB Storage for software installation
  • Admin privs to each computer for remote installation purposes
  • Windows File Sharing Enabled 
 

0 comments:

Post a Comment

Twitter Delicious Facebook Digg Stumbleupon Favorites More