NetAuditor expands network security event management (SEM) strategies beyond basic end-point protection by accelerating the detection and automated response that leading firewall manufacturers omit in their border security offerings. NetAuditor includes automatic end-user identity association, geographic location identification by region; country; and service provider, Internet content categorization, real-time monitoring, and network event triggers.

The dashboard provides a number of options for quickly finding data you are interested in:

  • Filtering options include device, date, and group membership using LDAP; IPv4; IPv6; Host; and User Name.
  • Options exist to enable viewing per dashboard by volume and accesses. Additionally, each dashboard has interactive search fields with expression based syntax to quickly find data.

Configuring reports enables an end-user to run, save, or schedule a new report. It will show you a list of all available report templates, which will be grouped by report categories. Properties exist for distributing via Email and FTP, and export formats include PDF, XLS, and HTML.


Properties

The most critical properties when configuring a report are the date range you want to run it for and whether you want to run it immediately, save the currently selected options so you can reuse them later, or schedule it to run automatically.

Distribution options allow you to choose the report's file format (PDF, Excel, RTF, CSV, TXT, or HTML) and where to deliver it. All completed reports will automatically be stored in an archive, which equates to the manager's "Completed Reports" list. However, completed reports can also be delivered automatically via email, FTP, etc. NetAuditor's delivery mechanism allows custom scripts to be written to provide custom delivery methods.

Additional formatting options allow you to easily tailor the report output to your audience.


Filters

Filters are important to consider them when configuring a report. If you have multiple devices and you only want to see data logged by one of them, specifying a filter on that device will make the report run faster and will make the resulting report smaller. When running detail reports, you could end up with a report that is too large to open. It could easily be on the order of millions of pages.

You can check the monitor component at any time and instantly see all monitored traffic for the past 24 hours (down to 1-minute increments). You can set up alerts or event triggers to have the processing engine alert you immediately if the monitored traffic exceeds certain thresholds.

Membership Rules

Groups can be defined by different types of membership rules:

  • IPv4 and IPv6
  • User and Host
  • LDAP
Tracking Historical Changes

NetAuditor provides basic support for tracking historical changes in group membership rules. LDAP membership rules are special in that they automatically keep track of historical moves/adds/changes for individual users. Tracking Historical changes is critical when staff enter and depart from the organization or as roles and responsibilities change. This makes reporting and the dashboard historically accurate regardless of how many times a person has changed departments or as a user walks from zone to zone in a Wi-Fi network.