Levelone Ici-1000 User manual

Internet Content Inspector

ICI-1000 / ICI-2000

User Manual

v1.00

Important Notice

This user manual is delivered subjected to the following terms and conditions. The copyrights,

intellectual property rights and trade secrets included in this user manual are owned by ICI. The user

manual is provided to ICI customers for the sole purpose of obtaining information with respect to the

installation, implementation and function of the ICI system and should not be used for any other

purpose. The information contained in this user manual is proprietary to ICI and strictly confidential. It

is strictly forbidden to copy, duplicate, reproduce or disclose this user manual or any part of this user

manual without prior written permission from ICI.

The Management Team of Digital Data Communications Asia Ltd

The contents of this publication may not be reproduced in any part or as a whole, stored, transcribed

in an information retrieval system, translated into any language, or transmitted in any form or by any

means, mechanical, magnetic, electronic, optical, photocopying, manual, or otherwise, without the

prior written permission of LevelOne

Disclaimer

LevelOne does not assume any liability arising out the application or use of any products, or software

described herein. Neither does it convey any license under its parent rights not the parent rights of

others. LevelOne further reserves the right to make changes in any products described herein without

notice. The publication is subject to change without notice.

Trademarks

LevelOne is a registered trademark of Digital Data Communications Group. Other trademarks

mentioned in this publication are used for identification purposes only and may be properties of their

respective owners.

Table of Contents

INTRODUCTION ...............................................................................................................................................6

WHO NEED THE ICI SYSTEM ...................................................................................................................................... 7

APPLICATION AND IMPLEMENTATION........................................................................................................................... 8

UNPACKING & INSTALLING ............................................................................................................................10

PACKING CHECKLIST ............................................................................................................................................... 10

FRONT PANEL ....................................................................................................................................................... 10

REAR PANEL ......................................................................................................................................................... 10

REQUIREMENT ...................................................................................................................................................... 11

INSTALLATION ....................................................................................................................................................... 11

DEFAULT SETTINGS ................................................................................................................................................ 11

GETTING STARTED .........................................................................................................................................12

WEB MANAGEMENT INTERFACE............................................................................................................................... 12

SYSTEM MAIN PAGE .............................................................................................................................................. 13

ICON BAR............................................................................................................................................................. 14

MAIN PAGE -TOTAL THROUGHPUT STATISTICAL REPORT .............................................................................................. 15

INTERNET CONTENT RECONSTRUCTION.........................................................................................................22

EMAIL ................................................................................................................................................................. 22

POP3 ............................................................................................................................................................. 22

IMAP ............................................................................................................................................................. 26

SMTP (Outgoing) .......................................................................................................................................... 28

Webmail Read............................................................................................................................................... 30

Webmail Sent................................................................................................................................................ 32

INSTANT MESSAGING &CHAT.................................................................................................................................. 34

Windows Live Messenger (aka MSN)............................................................................................................ 34

ICQ ................................................................................................................................................................ 39

Yahoo Messenger ......................................................................................................................................... 41

QQ Messenger * ........................................................................................................................................... 43

UT Chat Room............................................................................................................................................... 48

Skype *.......................................................................................................................................................... 49

Gtalk (in HTTP Gmail) ................................................................................................................................... 50

Internet Relay Chat – IRC .............................................................................................................................. 51

FILE TRANSFER ...................................................................................................................................................... 52

File Transfer Protocol - FTP ........................................................................................................................... 52

Peer to Peer File Sharing – P2P ..................................................................................................................... 54

HTTP.................................................................................................................................................................. 55

HTTP Link ...................................................................................................................................................... 55

HTTP Content................................................................................................................................................ 57

HTTP Reconstruct.......................................................................................................................................... 59

HTTP Upload/Download ............................................................................................................................... 62

HTTP Video Streaming (FLV Video) ............................................................................................................... 64

HTTP Request................................................................................................................................................ 66

HTTP Social Network Sites ............................................................................................................................ 68

TELNET ................................................................................................................................................................ 69

OTHERS ............................................................................................................................................................... 71

Online Games................................................................................................................................................ 71

VoIP (Optional Purchase License) ................................................................................................................. 72

Unknown Connection.................................................................................................................................... 74

SYSTEM SETTING ................................................................................................................................................... 75

Network Setting............................................................................................................................................ 75

Network Setup .............................................................................................................................................. 76

DNS Setup ..................................................................................................................................................... 81

Shutdown and Reboot .................................................................................................................................. 81

System Time Setup........................................................................................................................................ 82

Filter Setup.................................................................................................................................................... 83

Storage.......................................................................................................................................................... 84

Services ......................................................................................................................................................... 85

Edit Password ............................................................................................................................................... 96

Backup Data.................................................................................................................................................. 97

Disk Space Control ......................................................................................................................................101

SYSTEM STATUS .................................................................................................................................................. 102

Port Number ............................................................................................................................................... 102

Online IP...................................................................................................................................................... 104

Login List .....................................................................................................................................................112

Update ........................................................................................................................................................113

Maintenance...............................................................................................................................................114

Domain ....................................................................................................................................................... 116

SYSTEM TOOLS.................................................................................................................................................... 117

Delete Data................................................................................................................................................. 117

Authority.....................................................................................................................................................119

Storage Alert............................................................................................................................................... 123

Throughput Alert ........................................................................................................................................124

AD Import ...................................................................................................................................................126

REGISTRATION .................................................................................................................................................... 129

DATA SEARCH ..................................................................................................................................................... 131

Full Text Search...........................................................................................................................................131

Similar Search ............................................................................................................................................. 133

Data Search – Conditional or Parameter Search ........................................................................................ 134

Association Search...................................................................................................................................... 145

Captured File List ........................................................................................................................................147

Bookmark.................................................................................................................................................... 148

SEND MAIL SERVICE ............................................................................................................................................. 151

Alert with Content.......................................................................................................................................151

Alert Mail Box .............................................................................................................................................152

Alert Sensitive File....................................................................................................................................... 153

Report Management ..................................................................................................................................154

Event Management .................................................................................................................................... 155

Event Trigger Management........................................................................................................................ 157

STATISTICAL REPORTS ........................................................................................................................................... 158

Conditional Reports (Single Report)............................................................................................................ 158

Conditional Report (Group Report)............................................................................................................. 161

Network Services Usage Report.................................................................................................................. 162

Network Services Usage Weekly Report .....................................................................................................163

Top Websites Report................................................................................................................................... 164

Online Users Report .................................................................................................................................... 165

Last Month Key Word Trend Report ...........................................................................................................167

Daily Report (Excel Log Report) .................................................................................................................. 168

APPENDIX A: P2P SUPPORTED .....................................................................................................................169

APPENDIX B: ONLINE GAMES SUPPORTED...................................................................................................170

APPENDIX C: RETRIEVE DATA LOG VIA FTP ..................................................................................................171

APPENDIX D: FIELD DEFINITION OF FULL-TEXT SEARCH FUNCTION ..............................................................172

EXTENSION – QUERY SYNTAX DEFINITION ...................................................................................................176

OVERVIEW ......................................................................................................................................................... 176

TERMS............................................................................................................................................................... 176

FIELDS ............................................................................................................................................................... 176

TERM MODIFIERS ................................................................................................................................................ 177

Wildcard Searches ......................................................................................................................................177

Fuzzy Searches ............................................................................................................................................ 177

Proximity Searches......................................................................................................................................178

Range Searches........................................................................................................................................... 178

Boosting a Term.......................................................................................................................................... 178

BOOLEAN OPERATORS .......................................................................................................................................... 179

AND............................................................................................................................................................. 179

+ ..................................................................................................................................................................179

NOT .............................................................................................................................................................179

-................................................................................................................................................................... 180

GROUPING ......................................................................................................................................................... 180

FIELD GROUPING ................................................................................................................................................. 180

ESCAPING SPECIAL CHARACTERS ............................................................................................................................. 180

Introduction

LevelOne Internet Content Inspector, ICI empowers your business security and operations teams

by providing granular data monitoring and precise packet and session reconstruction capabilities. The

solution is designed to combine process and technology into a single effective system for network

forensics. Business can for the first time embrace Web 2.0 and maintain complete visibility and

control, while significantly reducing total cost of ownership through device consolidation. ICI offers

real innovation by enabling unprecedented visibility and control of applications and content with no

performance degradation. It identify applications accurately - regardless of port, protocol, evasive

tactic or SSL encryption – and scan content to stop threats and prevent data leakage.

It intercepts, captures and reconstruct Internet activities such as Email (POP3, SMTP, IMAP),

Webmail Read and Sent (Yahoo Mail, Gmail, Windows Live Hotmail, Seednet etc.), Instant

Messaging or Chat (Yahoo, Windows Live Messenger or MSN, ICQ, AOL, QQ, UT Chat Room, IRC,

Gtalk, Skype Voice Call Duration Log), HTTP (URL Link, Content, Upload and Download, Video

Streaming), File Transfer (P2P File Sharing, FTP), Online Games, VoIP (Yahoo Messenger) and

Webcam (Yahoo Messenger and Windows Live Messenger - MSN), VoIP (RTP Voice Call) and

Telnet sessions. ICI system encourages efficiency, prevents company network resource from abuses

by employees, tracing culprits of information and confidential data leakage, and monitors activities

and online behaviour of employees.

Ethernet LAN interception is an important approach to gather information of communications and

digital evidence. Ethernet LAN interception solutions capture all the traffic on the LAN network and

monitor the Internet activities. It is capable of live intercepting with real time capturing and

decoding/reconstruction, category classifying, behaviour analysing, data mining, reporting with

statistics etc.

ICI comes with wide variety of management and administrative functions. It provides you various

types of report with Top-Down View. Reports that can be created include Total Throughput Statistical

Report, Network Service Report (Daily, Weekly basis), Top Websites etc. All statistics can be

displayed in per IP Address or per User Account basis.

ICI also provides varieties of search functions. It provides Free Text Search (search by Key Words

with Boolean support), Conditional Search, Similar Search and Association with Relationship Search.

It also comes with Alert and Notification (Throughput, Conditional and Key Words Alert) functions that

allow the network Administrator to setup different alert rules and parameters. This allows alert to be

triggered (email to be sent to Administrator) once the specified content is found in the captured and

reconstructed content.

Backup function allows user to back up the captured raw data files or reconstructed contents. User

can setup auto backup to backup these files to external drive (NAS or SAN) through FTP upload

method. Besides, user can opt for manually backup these files by burning them into CD/DVD or even

downloaded them to a local hard drive/PC.

Other functions available are like Bookmark, Capture File List (Comparing the content of two files),

Online IP List, Authority Assignment, Syslog Server etc. Others functions include hashed export

(backup), file content comparison etc.

Who Need the ICI System

•Financial, Banking and Investment Organisations where all Internet transactions and

communications need to be archived (Record Keeping).

•Marketing organizations, design house, high technology and R&D firms where critical

confidential information need protected.

•Schools, colleges, institutions and universities that would like to monitor students and staffs

online activities and behaviour.

•Government agencies and ministries such as Police Intelligence, Military Intelligence, Secret

Service Agencies, National Security Agencies, Criminal Investigation Agencies, Counter

Terrorism Agencies etc.

•Any company or organization that wants to monitor, backup and archive their daily Internet

transaction and data.

Application and Implementation

The diagram below is a common ICI application and implementation diagram which can be applied to

any organization networks. ICI uses sniffer technology to sniff or capture network Internet packets

through a port-mirroring capable switch (normally a smart switch or layer 2/3 switch; a HUB can be

used too as HUB broadcast traffic to all ports). It then parses (decodes and reconstructs) the captured

raw data packets, store them in system database and displays the reconstructed data with reports in

original and readable format in the Web GUI.

Ethernet LAN Organization Network Monitoring and Interception

ICI can also be implementation at network with huge volume of traffic throughput such as mass

interception and lawful interception at Telco or ISP networks. This implementation is normally for

lawful enforcement agencies (LEA) such as cyber security agencies, national security agencies,

criminal investigation bureau, police and military intelligence. Please contact LevelOne sales team for

more details

sales@level1.com

Telco or ISP lawful Internet Interception

Unpacking & Installing

Packing Checklist

19 inch 1U Rack mountable Server x 1

Quick Installation Guide x 1

CD Manual x 1

Mounting Bracket set x 1

Power Cord x 1

Front Panel

1. Power LED

2. HDD LED

Rear Panel

1. Power Socket

2. Power Supply Unit

3. PS/2 KB & Mouse (for local console)

4. VGA Display (for local console)

5. Monitor Ethernet Port

6. Management Ethernet Port

This manual suits for next models

Table of contents

Popular VoIP manuals by other brands

Minitar

Minitar MVA11A user manual

Fanvil

Fanvil D800 Quick installation guide

ZyXEL Communications

ZyXEL Communications FMG3024-D10A Series user guide

Avaya

Avaya Communication Manager Administrator's guide

Quintum

Quintum Tenor DX Product guide

Linksys

Linksys SPA 2102 ATA Setup & troubleshooting

RTS

RTS RVON-16 user manual

Allied Telesis

Allied Telesis AT-VP504E FXS Administration manual

Talkswitch

Talkswitch 240 Configuration guide

Net2Phone

Net2Phone MAX 4 quick start guide

iPECS

iPECS eMG80 installation guide

NetComm

NetComm V210 Setup guide

NetComm

NetComm NB16WV Setup guide

D-Link

D-Link DVG-5004S user manual

NETGEAR

NETGEAR WGR615VV2 manual

Hubbell

Hubbell GAI-TRONICS RED ALERT 393-710 manual

ZyXEL Communications

ZyXEL Communications VOP1372G-61 user guide

Alcatel-Lucent

Alcatel-Lucent VoIP for Enterprise brochure

LevelOne ICI-1000 User manual

Popular VoIP manuals by other brands