Netfort

LANGuardian gives complete visibility across your network

NetFort LANGuardian is the industry’s leading deep packet inspection software for investigating, monitoring, and reporting on network and user activity.

It is a passive network traffic analyser, not inline, so it doesn’t impact on network performance. It can be downloaded and deployed on standard physical or virtual hardware and ready to go in minutes.

Because it gathers information from network traffic, there is no need to install agents or clients on devices connected to the network, making it easy to install.

Its primary data source is a SPAN or mirror port on a switch. LANGuardian’s generation and storage of network metadata, results in a massive data reduction while still retaining rich detail over long periods critical for multiple network security and operational use cases.

LANGuardian helps IT and Security Professionals to:

Create a dashboard to track Ransomware attacks

Receive an immediate security alert on suspicious activity on the network

Perform forensics to diagnose recent network issues

Find out what users are doing internally- Troubleshoot bandwidth issues

Find out who’s deleted a file or folder from a network share

Track access to confidential data

Comprehensive Search

Search for network information by username IP address, subnet, file name or web address

Alerting Engine

Get an instant alert for any unusual network activity

Report Mechanism

Generate powerful reports, built-in and custom, with drilldown capability to show the minutest level of detail and context to drive decision-making

Track Users

Integrate with Microsoft Active Directory to give reports that list real user names rather than just IP addresses

Real-Time and Historical

Display dashboards that show both real-time and historical reports of network activity data

MODULES

 

Bandwidth Troubleshooting

Identify user and applications that hog bandwidth. Troubleshoot saturated links and network bottlenecks

  • See at a glance how bandwidth is being used across your WAN, LAN, and Internet links
  • See details of usage by specific network links, users, clients, servers, applications and web-sites
  • Drill down to greater levels of detail, to view start-time, end-time, and size of each individual data transfer

File Activity Monitoring

Find out who accessed or deleted files. Prevent data leakage and unauthorized access to confidential data

  • See exactly what is happening on your Windows infrastructure
  • Search for file activity by IP address, subnet, username, or file name
  • Identify the users who have accessed a file or file share over a specific time period
  • Receive alerts to unusual file activity, such as large downloads by a single user over a short time period

Security

Identify internal threats and get early warnings about zero-day
threat activity

  • Use trends and alerts to identify suspicious activity
  • Detect port-scanning and port-sweeping activity
  • Identify instances of spam generation
  • This security module combines Snort intrusion detection with the LANGuardian database to create a unique historical IDS

Web Activity Monitoring

Drill down into user activity by website, download type, and traffic volume. Track down viruses, malware, and other security issues

  • Get an unrivalled level of visibility into the Internet traffic generated by the users on your network
  • Search for web activity by IP address, subnet, username, or website name
  • See everything from the total amount of traffic generated in a year, to the date and time a user visited a specific web page
  • With alerts, trends, reports, and drilldown capabilities

Network Forensics

Full packet capture, storage of historical network events, and comprehensive analytical capabilities make LANGuardian the ideal solution for your network forensics requirements

  • Analyze an incident by simply entering an IP address, subnet, or usernames
  • Respond to queries about network activity with all the pertinent facts
  • Troubleshoot network problems and identify anomalous or illegal behaviour
  • Identify misconfigured systems and deliberate or unwitting misuse of the network by authorized users

Network Traffic Analysis

LANGuardian uses advanced content based application recognition to generate consolidated reports that show bandwidth and usage patterns from an application perspective.

  • Uses DPI to analyze packet content as well as packet headers – the foundation for more detailed and accurate reporting than NetFlow based monitoring tools can provide
  • Eliminates reliance on source address, destination address, and port numbers to identify the application associated with network traffic.
  • Enables IT and Security Professionals to identify applications that use random port numbers or standard port numbers for non-standard purposes

Monitor Users on a Network with LANGuardian

The user dashboard gives you a consolidated way to monitor user activity which helps to detect and investigate many different situations, including:

  • Access to Windows file shares
  • Transactions involving SQL Server databases
  • Data leakage – files transferred outside the network
  • Files downloaded from the Internet
  • Use of specific ports and protocols
  • Use of unauthorized applications and devices
  • Use of a proxy server to gain access to prohibited websites

if you view a LANGuardian bandwidth usage report and notice that a user is consuming a disproportionately large amount of bandwidth, you can switch to the user dashboard and see a summary of that user’s network activity. From the user dashboard, you can drill down into details and identify the root cause of the user’s high bandwidth consumption. This is why LANGuardian is a really efficient way to monitor user activity.

You can use the search menu to find information on bandwidth troubleshooting, network forensics, file share activity or web activity. Alternatively, the user activity dashboard gives you a summary of all network activity from a user perspective. From these starting points, you can drill down to more details on each type of activity.

You can also use LANGuardian to investigate and report on past activity by users as it stores historical traffic data. You can use this data for advanced forensic analysis, creating audit trails, and troubleshooting problems that manifest themselves over a long period of time.