'Google-like' tool aids network security
Network administrators and security specialists have long had tools and software for analyzing the streams of traffic that course through company systems, but now a Marlborough, Massachusetts, startup wants to make the process a lot easier.
Dejavu Technologies recently released TrafficScape, an appliance that grabs network packets and converts them into XML documents, which are then pulled into a database that is searchable through a simple, Google-like toolbar.
The company is aiming the software at average investigators who may have the instincts needed to make smart searches through reams of data, but who lack specialized technical training, according to CEO John Ricketson.
"When it gets to dealing with networks, there are a lot of low-level engineering skills required. We're trying to get tools that domain experts can use," he said. Such individuals need to "have the tool get out of [their] way."
TrafficScape can capture a wide range of protocols and document types, including email, VoIP calls, instant messages, PDFs, Internet searches, and various other forms of data, according to the company. Searches can be done in "near real time" or against a stored data set.
Users can employ simple keyword searches or construct more granular Boolean queries, such as for all network documents containing the words "aluminum," "shipment" and "Dejavu," according to a demonstration.
The tool also allows searches that employ network attributes -- information such as IP addresses and user IDs that are tied to a given conversation. Therefore, one could search for all exchanges between two particular users, in which a certain keyword or words crop up.
Conversations with many network transmissions, such as an instant messaging session, are captured and organized as a group within a single document. Even the buddy lists associated with a chat get captured, giving investigators a potentially broader view into a target's identity and associations.
Beyond ease of use, to differentiate TrafficScape in the market, Dejavu is planning to home in on Web 2.0 data, such as the various information streams that flow to and from complex social networking sites like Facebook, Ricketson said.
The next version of the product will also add automatic text transcription of VoIP calls and video streams, which will be indexed and searchable.
While Dejavu may have a couple of new twists on the formula, a range of other companies, such as PacketMotion, have been selling various types of network traffic analysis tools for some time.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
networking
Powered by Twitter
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
