THE POWERFUL NETWORK FORENSIC TOOL

RECORD AND REVEAL

every information that goes in / out of your organisation. Yes, everything.

PacketBlackHole (PBH) records and reveals everything that goes on in your network.  With most advance capabilities to RECORD the network traffic and cutting edge decoding techniques  to REVEAL even encrypted communication that goes on in and out of your network, PBH will be the ultimate solution for all your data leakage prevention endeavours.

1. Advanced decoding capabilities RENDER THE ENCRPYTED communications(*1).Renders all the communications traffic including access to websites, SSL encrypted websites, E-mails and its attachments, webmail contents and the attachments, P2P software file transactions.
2. High recording capabilities  – achieving ZERO PACKET LOSS (*2)
   in a 800Mbps through put using bridge capture structure

Surveillance system at its best.

• PBH is the real-time internet monitoring and forensic system that captures decodes and reconstructs even those types of traffic which can not be rendered with other monitoring tools.   This is achieved by our recognized team of forensic specialists  who have many accreditations including “CISSP(*3) “ and CEH(*4).    The device is commonly used for organisation’s internet behavioural monitoring, auditing, record keeping, compliance, and forensic analysis & investigation in case of any security incident.  The powerful data-mining capabilities of PBH also allows a direct and intuitive access to required information, whilst its comprehensive reports capabilities will provide effective due diligence for many standards and acts like PCI DSS(*5) Sarbanes Oxley Act (SOX), or legislation including  FSA compliance Data protection acts and many others.

Know the unknown.

• PacketBlackHole(PBH) is capable to decode, render and reconstruct various Internet applications and services such as Email (POP3, IMAP and SMTP), Webmail (Yahoo Mail, Windows Live Hotmail, Gmail etc. including what is attached to each mail), Instant Messaging (Yahoo, MSN),  File Transfer (FTP), BBS and SNS sites dialogue, Telnet,  HTTP(Link, Content, Reconstruct, Upload and Download)  of which includes picture file and Video Streaming (flv /mpg4 ), VoIP recording (SIP). The list goest on.
• The other common use of PBH is to monitor all user access and transactions to the core system and servers, such as any ERP & business applications which has relational database backbone ( Oracle, SQL etc. *6).
• The software comes with wide variety of management and administrative functions and features. It provides you various types of report with Top-Down View. Reports that can be created include Total Throughput Statistical Report, Network Service Report ,Top searched keywords by users.  Top Websites accessed etc. All statistics can be displayed in per IP Address or per User Account basis.

<Manufacturer Product Site>

• PacketBlackHole: http://www.packetblackhole.jp/en/index.html
• PacketBlackHole Cloud: http://packetblackhole.com/

*1) Counter SSL Proxy (CSP) option required for this feature.
*2) Lab benchmark value. Performance may vary depending upon conditions and environments.
*3) CEH: Certified Ethical Hacker
*4) CISSP: Certified Information System Security Professional
*5) PCI DSS: Payment Card Industory Data Security Standard
*6) Please contact our sales team to check the supported version of Oracle / SQL.

Web application Security testing check the SQL injection, Cross site scripting, Session management, buffer overflow, X path injection, Denial of Services vulnerabilities and perform authentication, authorization, business logic and input validation, DB listener and SSL testing.

The result will be a comprehensive assessment of the security posture of the web application, listing all vulnerabilities discovered, along with recommendations for mitigation and a clear indication of the risk posed by each issue.

1. Rule

No matter what type of solution is chosen, there has to be certain rules, only base on which, solution can be implemented. No rules, no tools. e.g.) Traffic Signal is useless without rules.

2. Tool

In some cases, rule can solve the problem and in some cases, not. Perhaps not in terms of efficiency. To achieve what is dfined as a rule, adequate tools needs to be chosen. Tools will be made good use only when proper rule exists.e.g.) Traffic Rule cannot be realised without traffic signals or signs.

3. Implementation

Even when rules and tools are ready, without implementation, solution becomes pointless. Tools and rules will be made good use only when proper implementation is conducted.e.g.) Traffic Rule and Traffic Signals, but not distributed or placed.

4. Operation

Tools cannot survive itself without proper operation and maintenance. Tools are tools and configurations of the tools must be reviewed in accordance with the change of the actual environment.e.g.) Traffic Signal needs maintenance.

IT audit service is carried out through following phases

1. Audit planning
2. Risk Assessment & Business Process control
3. Performance of Audit work
4. Reporting

Firewall Configuration Review

A firewall is an integral part of any architecture. If poorly configured it can be a liability. A review of firewall configuration will highlight any deficiencies in the security of the firewall configuration and compliance with organization security policies.

Network Devices configuration Review

Network devices (Routers & Switches) are ubiquitous in today’s enterprises. They are party to the flow of information through an organisation and hence have a pivotal role to play. A review of network device configuration will highlight any weaknesses that could lead to unauthorised access to network devices.

IDS/IPS configuration Review

Security devices, such as intrusion detection systems (IDS), must be correctly configured in order to provide the best protection. A review of the IDS/IPS (Intrusion Prevention Systems) configuration will highlight areas of deficient configuration that could lead to attacks going unnoticed.

Penetration testing is where a professional “ethical” hacker inspects the vulnerability of your information systems from an objective view point.

The difference between a traditional security audit/test and our penetration test is that we can actually test your security by using the same techniques that a real attacker would use when hacking your system.

This technique identifies the real threats to your information systems and enables us to provide more effective measures to protect your company from future information breaches.

A Firewall is an important perimeter defence tool that protects your network from attacks. Security tools like Firewalls, VPN, and Proxy Servers generate a huge quantity of traffic logs, which can be mined to generate a wealth of security information reports.

Why Firewall Log Analysis?

Analyzing firewall traffic logs is vital to understanding network and bandwidth usage and plays an important role in business risk assessment. Firewall logs reveal a lot of information on the nature of traffic coming in and going out of the firewall, allows you to plan your bandwidth requirement based on the bandwidth usage across the firewalls.

Firewall log analysis is recognised as of an effective method to get the assurance of compliance with security policy implemented on the edge devices.