CyberTrace is the world's first Network Security Management
The CyberTrace client is the world's first Network Security Management System. Any
systems administrator knows that it is difficult, if not impossible, to tell what is going
on on the network. When they use tcpdump, or the Lanalyzer they have to be an expert to
wade through the data. Even if your company has an expert, better use can be made of that
expertise than doing the drudge work of data reduction. What you need is a tool that not
only collects the network traffic but makes a judgment as to what looks suspicious.
Because CyberTrace flags connections high priority with numbers, 0-10 an administrator can
review the highlights and even replay those sessions and ignore connections with low
priorities numbers, 30-100.
CyberTrace - Intrusion Detection
Ease of Use - Motif Graphical User Interface
front end to a distributed Intrusion Detection Tool.
- Creates a Security Community - Shared modules for
greater flexibility. ANSII standard SQL database.
- Secure Communications - Encrypted data links.
- Automated Response - User defined commands
executed on alerts (including SNMP).
- Handles Large Networks - Client/Server design
extended to tiered design means CyberTrace scales to global networks. Light load on
- Accuracy - Low false positive ratios.
- Practical - It is a practical program designed and
developed by former network managers to meet the security needs of the unclassified
network of the US Air Force and other commercial clients
- 100 % Coverage - It addresses the 80% of computer
fraud and abuse that is internal to a network in addition to the external 20% that
- Built For Growth - It is modular in design and
will automatically keep up with the latest hacker technology, with minimal additional work
or investment on your part It can be Integrated into your existing TCP/IP network easily
What is Network Security Management ?
Network Security Management is the ability to manage your network's risk to
fraud, and abuse
The first step in NSM is knowing what is happening on your network
- The next step is analyzing the data for suspicious activity (DATA REDUCTION)
- Next you need some response capabilities
- Lastly you need expert help when confronting a real incident (Law Enforcement,
Expert Witnesses etc.)
Network Risk due to peoples activity
CyberTrace is a security tool and as such is only concerned with the activities
of people on the network
- External attacks - Hackers
- Internal Attacks - Embezzlement, Insider Trading, Corp. Spying...
- Fraud Transaction, Credit Card, other
- Virus propagation through mail/other means
How CyberTrace Will Manage Risk
- It uses sharable modules to detect hacker activities
- It uses the same module capabilities to allow customization within an industry or
within a single enterprise
- It can shutdown routes and page someone in an emergency
- It allows security administrators to sift and sort through the data to look for
patterns of abuse
- It displays the raw data for analysis on demand
CyberTrace Handles Large Networks
- By moving the analysis to the listening stations
- By moving the reporting and management to the management stations
- By providing low cost listening station software, allowing multiple listening
stations to break up the network bandwidth
- By only shipping exception data across the network (Only 60 bytes of data per
- By providing a multi tier approach to NSM
CyberTrace Saves Time Spent on NSM
- By providing an easy to use GUI in Motif (with a Windows NT interface in the
- By providing tools to sort and sift through the data
- By automatically logging and flagging bad connections so security administrators
dont have to spend time analyzing the raw data
- By providing a separate, reliable log that can not be forged or deleted
- By providing expert help on managing incidents through the use of on screen
- By providing trained trusted consultants - Just a phone call away