Traffic Inspector

An integrated gateway solution for controlling access to the Internet and for providing data transmission services. The product contains: a proxy server that provides caching and blocks unwanted resources; a simple and secure firewall to protect against network attacks; a billing system; accounting for all types of traffic (through the proxy server, the mail gateway, and NAT); a system for the dynamic control of speed and sessions; blocking of excessive network activity; diversion and routing of traffic; mail gateway; integration with Active Directory; secure authorisation; web server statistics; remote access; reports.

Features and Benefits:

Traffic Inspector, network monitoring software, was developed to integrate and complement the diversity of network capabilities of OS Microsoft Windows, so you do not have to make special settings. Everything that worked before will work after you install the program; you only need to set up user authorisations. Traffic Inspector will enable you to accomplish the majority of tasks arising when you are connecting to the Internet:

Control Internet Access & Traffic

Users can work both directly, through NAT, or through the proxy server. A separate account is created for each user and all their actions on the Internet are displayed in simple and understandable reports.

Accounting for Traffic

Accounting for traffic is per byte for each user, and you determine the unit of accounting, limits, blocks, filters and schedules. The certified billing system guarantees precise calculations.

Proxy Server & Economy

Traffic Inspector proxy server allows caching of frequently-used Internet resources, as well as blocking banners, ads, graphics, music or videos, and the banning of unwanted sites or sections.

Network Security. Firewall

Network protection is organised at two levels: the firewall provides protection against external network attacks, and the system of locks and alarm at excessive network activity is used for internal security control.

Antivirus Protection

Traffic Inspector checks continuously for network infections by viruses. It checks traffic through the proxy server and the mail gateway with the help of additional modules for antivirus protection.

Speed Control & Routing

Traffic Inspector allows you to set speed limits for users or groups with dynamic load; Advanced Routing system makes it possible to send traffic to different access channels, including satellite.

Spam Filtering

The Traffic Inspector mail gateway allows you to block spam on the internal mail server. You can filter incoming email messages using “black” and “white” lists, delivery rules, etc.

Remote Control & Statistics

The program has a number of tools for the remote management and monitoring of the system. Using Traffic Inspector, you will always know about the state of the network, wherever you are.   

 

Screenshots:

 

Characteristics:

Internal and External Nets - Protocols and Topology

• The server can work with several internal interfaces in complex-topology networks.
• The following interfaces are supported: 802.3 (Ethernet), 802.11 (Radio Ethernet), WAN PPP, WAN VPN (PPTP, L2TP).
• Works with NAT from Windows. RAS (Dial-out), VPN (PPTP, L2TP) and PPPoE are supported.
• Works with RAS server (Dial-In clients), supports both modem connections and VPN (PPTP, L2TP).
• Internal networks may be set as local (for example: office network) or public (for example: home network). Different access policies may be used for different networks.
• A special sniffer mode may be used to account and view user traffic through other servers within an internal network.
• The server can work with several external interfaces, i.e. several Internet connections are possible.
• To work with dynamic external interfaces you may use automatic selection mode.
• Correct working is guaranteed during the separation of incoming and outgoing traffic on external interfaces (for example, while working via a satellite).
• Internal IP interface (127.0.0.1) is for personal use. In this case it is prohibited to assign other internal interfaces.
• Clients can work on a terminal server.
• IEEE 802.1Q (Tag based VLAN) protocol is supported.

User Authorization

• Authorization by network address - IP, MAC or both. IP range authorization is also possible.
• Authorization by username and password is possible when working through proxy or Client Agent and supports either Traffic Inspector or Windows network domain passwords. Authorization from different domains is supported.
• Records on the authorized MAC clients are kept in the static ARP table of the operating system.
• Authorization by email addresses is used in SMTP gateway.
• It is also possible to use Vlan ID for authorization.
• API authorization allows to work with third-party software.
• Control of violation of authorization rules. The software registers access violations through logging, including into network stats. Besides, there is an option to notify administrators of such events by email.
• 8192 users and 256 groups can be supported.
• Automatic redirection of unauthorized users to a special information page of the built-in web-server (it is quite convenient for Wi-Fi networks and connecting new clients within home networks).

User Limitation

• By date.
• On schedule. The schedule can be set individually for a user, for a group or for all of them at a time.
• By resource access. There are group and common, allowing and prohibiting filters. Filters are used both on the IP level of any traffic (IP addresses, protocols and ports) and on the level of application when working via proxy (HTTP, FTP, URL, datatypes, regular expressions). At any time you may set hostnames instead of IP addresses as a result filter settings don’t depend on the change of IP addresses of the resources.
• By IP and MAC address. It is used for the clients with name authorization to set additional limitations on them.
• By access to services (NAT, routing, proxy, SOCKS).
• By number of TCP sessions. This restriction works both for proxy (SOCKS) and direct traffic.
• Virus Flood Protection – prevents network and server congestion. It analyzes a user’s traffic and blocks it at network statistics overflow typical of computer infection with network viruses.
• It is possible to disable the port of controlled equipment through SNMP with the help of scripts if user state changes.

Tariffing

• Various traffic accounting: by incoming, outgoing, by the sum of incoming and outgoing, by the highest value of both incoming and outgoing.
• It is possible to set prepaid (free) traffic.
• It is possible to tariff client session time. The subscription fee can be charged daily or per a minute of real work.
• Backdating change of rates is possible – alteration of any kind results in immediate recalculation of all billing data. In addition, you may give discounts on cache, mail or any other traffic depending on the criteria set in filters.
• Work on credit. Individual access policies can be applied before blocking when a client works on credit.
• You can make individual, group or common tariff settings. Due to this you may have different tariff plans.
• The current status of the client, including all tariffing parameters, is displayed in real time.
• All the changes in clients’ statuses may be logged for further processing and report building.
• You may create group accounts, i.e. one account for several groups or clients.
• While setting tariffs, you may specify the limits on traffic per day, week or month.
Control of External Traffic
• To account the total traffic consumed from a provider the software has controlled counters. Using them you can account the traffic from a provider. Several counters make separate accounting of different traffic types (reduced-charge or free) possible.
• For controlled counters the following limits can be set: warning limit, overspending limit and daily limit. In the event that these limits are exceeded you will receive a notification from your administrator and/or the traffic in the channel will be blocked.
• If any blocking is activated on the external counters, any external application may be started.
• For additional analysis of commonly consumed traffic you may assign external information counters that can analyze traffic by IP protocol and by port.
• The data from the external counters can be both displayed in real time and logged for report building.

Network Statistics

• Collection of network statistics on IP addresses, protocols, ports and DNS-names can be enabled for users and external counters.
• There is a possibility to set the level of detail, namely: analysis interval and the number of active connections - either individually or for all.
• Current statistics can be displayed in real time and logged for report building.
• WhoIs and NetGeo services are used for additional analysis of hosts and networks.
• Network statistics may be logged into internal DBMS of the software. It is possible to synchronize internal DBMS with external database on either MSSQL 2005 or MySQL, or PosrgreSQL.

Proxy Server

• Protocols: HTTP/1.1, FTP, SOCKS 4/5.
• Authentication: BASIC or Windows integrated authentication (NTLM v. 1/2).
• Caching. There are a lot of settings for selection of optimal parameters to save traffic.
• Individual flexible settings for caching separate resources.
• Cache is stored in a single DBMS file. Its internal fragmentation is absolutely impossible. All caching indices are stored in RAM. This enables high-speed caching.
• Content filtering – proxy and IP filters use common lists, but for proxy it is also possible to assign content type and carry out the analysis of the protocol and URL including context search with the help of regular expressions. Due to this effective banner filtering is possible.
• HTTP CONNECT – through proxy any SSL, FTP or any other TCP application allowing to work via HTTP tunnel can work.
• FTP through HTTP (GET method) – proxy generates HTML pages thus allowing to work with FTP servers in read mode. Automatic switching between active and passive modes of the FTP is possible.
• Pass-through authorization. If a user was not authorized, authentication is requested through proxy or SOCKS server.
• Automatic browser configuring in compliance with accepted standard. A proxy server gives a standard WPAD.DAT JAVA script to the clients to be configured. It is possible to specify Local Address Table (LAT) in it. Forced browser configuring through Client Agent may be used too.
• Forwarding of HTTP requests to another proxy.
• Blocking of HTTP traffic passing beyond proxy.
• Operating control of filtering and caching modes from the client’s side.
• It is possible to selectively enable logging of all requests passing through proxy.

SMTP Gateway

• The software allows to publish an internal SMTP server outside.
• Prohibits open relays, thus allowing to use the simplest mail servers within the network.
• Verification of the domains specified in the senders’ email addresses.
• Check of senders’ hosts through RBL based on DNS. Simultaneous checking on several servers involves a great number of RBL services and helps to avoid delays. Via RBL it is also possible to check all on-the-way SMTP servers through the analysis of email headers.
• There are black lists of senders’ hosts, which can be filled both automatically and manually. Automatic entry of hosts filtered through RBL into the black lists allows to save traffic on them during spam mailing by eliminating subsequent requests to RBL services.
• There are white lists that include senders which emails won’t be filtered.
• A detailed log is maintained to analyze filtered emails, it is also possible to mail notifications to administrators.
• The software can rate emails incoming to known receivers which use Traffic Inspector. To save traffic emails incoming to unknown receivers may be rejected.
• It is possible to reject emails for enabled or blocked users.
• Supports the integration of Traffic Inspector AntiSpam, a module that prevents from junk mail.

Firewall

• The software closes requests from the outside by default, but transparently allows outgoing TCP, UDP and ICMP data, due to this service setting is virtually not required.
• Dynamic UDP filtering enables to differentiate incoming UDP requests from outgoing ones correctly, transparently allowing outgoing UDP data.
• Dynamic filtering of FTP-DATA. FTP analysis of PORT and PASV commands and setting temporary permissions in firewall. Due to all this it is possible to work with active mode (client) and with passive one (public server), as well.
• To make the operation of different server applications or of other protocols possible, you may specify a list of allowing and prohibiting rules.
• Information counters enable separate accounting and analysis of filtered incoming traffic (flood analysis, port scanning and so on).
• To protect the server within the network, i.e. from the inside, internal firewall may be enabled. Its functionality is similar to the external firewall. This firewall can be individually set for local and public networks.
• It is possible to block unauthorized traffic on the server itself.
Bandwidth Control
• The service works with any traffic passing through the server, including the traffic passing through proxy and SOCKS.
• Limitation of individual speed and individual adjustment for receipt and transmission.
• Dynamic limitation – specification of the sum maximum speed for groups as regards receipt and transmission separately.
• Limitation on the number of packets. It is quite helpful to prevent network congestion during viral epidemic.
• Specification of traffic, which should not be controlled, in the filters.
• Specification of speed limits for specific types of traffic.
• Specifying priorities for certain types of traffic. This setting helps to change the order of priority as regards packet processing in the internal queue of the shaper and to transmit these data with minimal delay.
• The schedule may be set for all the rules. This enables to dynamically change the settings of this service depending on the time.
• When working through proxy there is a possibility to adjust the band to different content types.
• There are no speed limits on the data from proxy cache and from local web-server (statistics server).

Advanced Routing and Redirection of TCP Connections

• The software extends Windows router functions. This is known either as policy routing or source routing.
• Redirection of group traffic to specified external interface.
• Redirection of user traffic to specified external interface.
• Redirection of certain traffic type. While working via proxy, it is also possible to specify the type of HTTP content.
• Traffic redirection can be also set in filters.
• Redirection of TCP-connections outgoing from a client. It is convenient to use redirection if there is a third-party proxy in the local network or if redirection of the client to another Internet-resource is needed.

Client Service

Through the Client Agent a user can do the following:
• See the current balance, set notifications in case of small balance on the account.
• Change the levels of content filtering, i.e. work in the traffic saving mode.
• Change proxy caching modes. This will enable you to look through updated resources with no troubles but with good results of traffic saving due to caching.
• Have quick access to the personal account through the context menu of the Client Agent.
• Change passwords through Client Agent. This option can be disabled in Traffic Inspector by an administrator.
• Have several protocols for authorization through Client Agent (UDP, HTTP, SSL). If some problems arise during authorization through UDP in WiFi networks, you may use either HTTP or SSL.
• Have incorporated web-agent that is similar to the Client Agent in its functions. Web-agent installation is not required, as it can be run through the main page of the built-in web-server.
• Have Client Agent customizable notifications concerning blocking of group accounts because of exceeded limits.
• In addition, an administrator can send out quick notices to the users having the Client Agent.
• Incorporated web-server supporting scripts run and formation of dynamic content provides the clients with the access to the reports on their work. This service is completely recorded (documented) and can be easily improved without any assistance from the outside.

Administration

• Remote management – the standard DCOM technology is used for remote access, management console is designed like MMC Snap-In and can be easily integrated with any other administrator’s tools.
• Access restriction – it is possible either to specify a group of administrators in the Windows domain or use in-built password authentication.
• Allocation of access rights – it is possible to create administrators with limited rights. They could, for example, only add clients, credit accounts or work with certain group of clients.
• Real-time monitoring of clients work and network statistics.
• Control of clients’ stats and account crediting via web-interface.
• In the event that clients’ computers are out of the Windows network, the clients can load or update the Client Agent through in-built web-server without any assistance from the outside.
• Clients can be added automatically if the network works with Windows domain. This mode can be disabled for a separate group of the domain. It is also possible to place new clients to different Traffic Inspector groups bind to domain groups.
• Some part of settings for the program clients is possible through web-interface.
• Data on the top three active counters.
• Data on the top three active clients.

Reports

• Several tens of different types of reports can be built as regards traffic, billing and network statistics. All reports can be imported and saved in various forms and formats – tabular and graphical.
• Report collection may be augmented through automation interface.

Complimentary Plug-ins and Software Products

• Traffic Inspector AntiSpam to prevent unwanted emails.
• RAS dialer to hold Dial-In and VPN connections.
• Billing Operator for ISPs, hotels, Internet-café, etc.
• Anti-virus modules to scan traffic passing through proxy and SMTP gateway based on Kaspersky Lab and Panda Security technology.
• Traffic Inspector Personal Edition for free personal (home) use.

Automation Interface

• API open for outside developers.
• Built-in support for automation scripts.
• Developers’ community on the forum.

Performance

The capabilities of a server with Traffic Inspector depend on the capacity of the equipment, but planned load when carrying traffic through the server should not exceed the following recommended numbers:
• Network capacity: under 2,000 abonents;
• Traffic passage through the server: under 5,000 packets per second.

System Requirements:

 

You can download a trial version HERE.

 

Traffic Inspector Gold 5

Full Version

JUST: 96.04 EUR

30 Days no question asked refund guarantee according to seller terms and conditions.