The Active Directory and E Directory modules enable tracking of events and network traffic flows on the company network by user name and department. Events that can be monitored include large network downloads, all network sessions, security events, Internet access, system logon times, number of systems logged onto over a period of time, etc. When troubleshooting issues LANGuardian can identify the user and the associated workstation.
Reports can be run for specific times on specific days, months or years allowing for a range of data forensic applications, for example ‘who was on the system over the weekend’, ‘which users used most bandwidth last month'.
LANGuardian provides immediate notification on a wide variety of network and security events. Reports can be sent by email to specific individuals, based on the type of event and the corresponding staff responsibility. Specific events can be marked and individuals alerted as they occur by email or on their mobile via a SMS gateway.
The combination of the LANGuardian’s traffic analysis engine, scalable database and our Active Directory and E Directory integration enable real time and historical tracking by user of files accessed, modified, downloaded and deleted on your network.
LANGuardian enables network managers to understand exactly where traffic is being distributed in the network. A simple traffic distribution report identifies all of the traffic that traverses in and out of the network and on which port it is traveling. Reports can be generated on a user, department, IP address and application basis. Network staff can view the top users on the network over a 24-hour period, with drill down to view all sessions initiated by those users during that period.
The Trends module allows you to monitor changes in any observed parameter over a given period. The trend graph is 'drillable', meaning that any portion of the graph can be clicked on to produce more detailed records e.g. a peak in a Traffic Trend Graph can be clicked on to display a report of traffic distribution for that period. A Trend Wizard allows a user to define any trend that they want to observe e.g. traffic to a certain server can be monitored, or traffic generated by a specified user. A special Subnet trend can also be generated showing, on a single graph, all traffic in/out of a specified subnet. Trends are displayed for a default 48-hour period but can be adjusted for reporting by day, week, month or any user-defined period.
The Services Inspector module proactively monitors the critical elements on your network such as specified servers, network devices and services for uptime and performance. The Inspector checks the performance of both network and service. A graph is continuously built of the Round Trip Timing (RTT) for the ping, TCP connect and challenge-response. If the ping RTTs are low and the challenge/response times are high, you can say that the network is fine but the application is responding slowly.
The reporting engine provides fine-grained control through the use of filters. It is possible to create reports based on specific parameters and then save these for future re-use, e.g show all traffic between two sites or subnets, or the top servers on a site. Network administrators can refine this search by IP address, hostname, username, subnet or application.
LANGuardian tracks web accesses, large traffic volumes, machines sending more traffic than receiving and other anomalous activity on the network. Policy violation reports can be generated for the usage policies defined for the network.
The system provides audit reports and validation of servers and operating systems on the network. The local servers report indicates any machines inside the network that are running a service/server on their machine, and what port they are running it on. A fingerprinted OS report can confirm operating system compliance on the network.
