E-Detective Ethernet LAN Interception System (with

Real-Time Content Reconstruction) - 2010Decision Group

www.edecision4u.com

Introduction to E-DetectiveLAN Internet Monitoring, Data and Record Keeping &

Network Content Forensics Analysis Solution

Solution for: Organization Internet Monitoring/Network Behavior Recording Auditing and Record Keeping for Banking and Finance Industry Forensics Analysis and Investigation, Legal and Lawful Interception (LI)

Compliance Solution for:Sarbanes Oxley Act (SOX), HIPAA, GLBA, SEC, NASD, E-Discovery etc.

FX-30NFX-06FX-100 FX-120

E-Detective Standard System Models and Series (Appliance based) User can also opt to purchase software license only from us and use their own hardware/server.

1010101010100110011110110111011100011011

EmailWebmailIM/ChatHTTP

File TransferTelnet

101010101010100101010

Using port-mirroring or SPAN port

E-Detective System Architecture

DisplayReports

CapturePackets Reassemble

& Decode

ReconstructBack to Actual

ContentStoreSave

Archive

E-Detective Architecture

E-Detective – Mirror Mode Implementation

Organization or Corporate Network Deployment

E-Detective – Bridge Mode Implementation

E-Detective Lawful Interception Solutions

Telco/ISPLawful Interception

E-Detective Sample Screenshots - Reports

Homepage – Top-Down Drill to Details Reporting

IM/Chat(Yahoo,

MSN, ICQ,QQ, IRC,

Google TalkEtc.)

EmailWebmail

HTTP(Link, Content,Reconstruct,

UploadDownload)

File TransferFTP, P2POthers

Online GamesTelnet etc.

E-Detective Internet Protocols Supported

Sample: Email (POP3, SMTP and IMAP)

Sample: Webmail – Yahoo Mail, Gmail, Hotmail etc…

Webmail Type: Yahoo Mail, Gmail, Windows Live Hotmail, Giga Mail and others

Sample: IM -Yahoo, MSN, ICQ, IRC, QQ, GTalk etc…

Sample: File Transfer – FTP Upload/Download

Sample: File Transfer – P2P File Sharing

Supports P2P such as Bittorent, eMule/eDonkey, Fasttrack, Gnutella

Sample: HTTP (Web Link, Content and Reconstruction)

Whois function provides you the

actual URL Link IP Address

HTTP Web Page content can be reconstructed

Sample: HTTP Upload/Download

Sample: HTTP Video Streaming (FLV Format)

Video Stream (FLV format): Youtube, Google Video, Metacafe.

Playback of Video File

Sample: Telnet Session (with Play Back)

Sample: VoIP Calls (with Play Back)

Play back of reconstructed VoIP audio file using Media PlayerSupport RTP Codec such as G.711a-law, G,711µ-law, G.726, G.729, iLBC

Sample: Unknown or Non-Reconstructable

Admin: System Access Authority Assignment

Authority – Visibility and Operation in Group (with User defined)

Authority - VisibilityAuthority - Operation

Authority Groups with

Users

Export & Backup – Auto (by FTP) and Manual

Auto (with FTP) BackupManual Backup

Download ISO or Burn in to CD/DVD

Reserved Raw Data Files and Backup Reconstructed Data Comes

with Hashed Export Function

Alert and Notification – Alert with Content

Alert configured from different service categories and

different parameters such as key word,

account, IP etc.

Alert can be sent to Administrator by Email

or SMS if SMS Gateway is available.

Throughput alert function also available!

Search – Free Text, Condition, AssociationComplete Search – Free Text Search, Conditional Search, Similar

Search and Association Search

Conditional Search Free Text Search

Association Search

File Checksum (Hash) – Check File Content Integrity

Shows the file lists and user can import files to check and compare with the files thathas been captured by the system.

Compare file content integrity. Abuser might have changed file name and send outthe file to competitor.

Bookmark (for Review Next Time)

Bookmark items and allow the review of the items. Bookmark items can also be exported.

Reporting – Network Service Usage - Daily

Drill Down Reporting Capabilities

Reporting – Network Service Usage - Weekly

Drill Down Reporting Capabilities

Reporting – Top Websites Viewed (Users)

Reporting – Online IP – Account Lists

Reporting – Daily Excel Log Report

Manually or AutomaticallyGenerate Daily Log ReportIn Excel File Format.

References – Implementation Sites and Customers

Criminal Investigation Bureau The Bureau of Investigation Ministry of Justice National Security Agency (Bureau) in various countries Intelligence Agency in various countries Ministry of Defense in various countries Counter/Anti Terrorism Department National Police, Royal Police in various countries Government Ministries in various countries Federal Investigation Bureau in various countries Telco/Internet Service Provider in various countries Banking and Finance organizations in various countries Others

Notes: Due to confidentiality of this information, the exact name and countries of the various organizations cannot be revealed.

E-Detective Online Demo https://60.251.127.208 (root/000000)

Decision Groupwww.edecision4u.com