Configuration

Sample configuration
Scalability
Discrete Capturer/Analyzer
A discrete Capturer/Analyzer configuration minimizes the chance of packet capture being interrupted by PacketBlackHole overload or hardware failure. You can also choose a virtualized analyzer to reduce cost.
Bridge mode configuration for lossless capture
Installing PacketBlackHole in bridge mode reduces the packet capture loss rate to effectively zero.
Bypass device for fail safe
If you are concerned about your backbone network connection being interrupted by a PacketBlackHole outage, install EtherGazer together with PacketBlackHole. If PacketBlackHole fails, EtherGazer bypasses the bridge-mode PacketBlackHole to keep your WAN connected.
Complete preservation
Limits access from unauthorized terminals
Prevents alteration or deletion originating from outside, for complete preservation of data
In case of an incident, PacketBlackHole is ready to help you examine the details of the attack or intrusion.
A careless initial response and the resulting incomplete preservation of evidence may well undermine the credibility of the investigation later on. Let PacketBlackHole do the preservation part for you.
Captured communication packets are kept secure and free of alteration.
Credibility of evidence
PacketBlackHole print format meets forensic needs.

Use PacketBlackHole for forensic investigation.
PacketBlackHole prints the data out in a form that meets the requirements of forensic procedure.
Submit the printout as an investigation report document when the need arises.
Selective recording
Filter the recordings by IP address, MAC address, or port number to limit the target communication.

Communication suspected of being unauthorized access can be picked out.
Exclude unnecessary third-party data when submitting a report to avoid privacy infringement.

Intrusion detection
Detects and reports unauthorized access from either inside or outside
Not only the occurrence but also the details of unauthorized access
One Point Wall option adds One Point Wall's robust intrusion detection functionality to PacketBlackHole
Alert functionality
| Alert | Description |
|---|---|
| E-mail message alert | activated when an E-mail message matching the 'Alert' category is detected |
| Intrusion alert | activated when intrusion or attack is detected |
| Web access alert | activated when a web access matching the 'Alert' category is detected |
| Fulltext alert | |
| Event alert | activated when a system event indicating a system failure is detected |
| Traffic alert | activated when a traffic spike is detected |
| PBH activity notification | sent once every hour to notify that the PacketBlackHole system is up and running. |
