This equipment has been tested and found to comply with the regulations for a Class A digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This equipment generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with this user’s guide, may cause harmful interference to radio communications.
freeGuard Capture Appliance User’s Manual
Contents
PRODUCT OVERVIEW
INTRODUCTION
FEATURE HIGHLIGHTS
QUICK INSTALLATION
APPLIANCE FRONT PANEL
  Front panel for ICR 1000
  Front Panel for ICR2000
SYSTEM DEPLOYMENT
  Bridge Mode
  Sniffer Mode
ADMINISTRATION LOGIN
SETUP WIZARD
SYSTEM CLOCK SYNCHRONIZATION
USER GROUPS MANAGEMENT
...
LOG OUT
  Software Update
USER LIST
SETTING
  Setting – Upload User List
LOGGED USER LIST
  Logged User List – modify a user
  Logged User List – Search
  Logged User List – Add new subnet to the group
  Logged User List –...
RECORDED SERVICE
  SMTP Messages
  POP3/IMAP Messages
  HTTP Records
  IM – Instant Messaging
  Web SMTP Messages
  Web POP3 Messages
  Record – FTP Sessions
  Record –...
EVENT LOG
TECHNICAL SUPPORT
  Online Support
  Telephone Support
...
Index of Figures
Figure 1, ICR1000 Front Panel
Figure 2, ICR2000 Front Panel
Figure 3, Deployment - Bridge Mode
Figure 4, Deployment - Sniffer Mode
Figure 5, Administration Login
Figure 6, Answer Yes to security alert for HTTPS on Web interface ...
Figure 44, IM Management menu (expanded)
Figure 45, IM Login Notice - configuration
Figure 46, IM Login Notice – MSN Example
Figure 47, IM notice - NetBIOS example
Figure 48, IM notice – ICQ
Figure 49, IM Authentication Messages ...
1 Product Overview
Introduction
Thank you for purchasing the freeGuard Capture appliance, the Internet Content Recorder and Email Archiver. The freeGuard Capture appliance allows organizations to capture, track and report on Internet activities such as browsed web pages, web mail, SMTP/POP3 and IMAP mail, Instant Messaging applications (MSN, Yahoo Messenger, ICQ, AIM), FTP and Telnet.
2 Quick Installation
Appliance front panel
The interfaces and layout of the ICR appliance are listed below.
Power LED: Green means the appliance is powered on.
Hard Disk LED: Flashing means the system is accessing data from the hard drive.
Console Port: One DB9 console port for serial cable connection.
WAN/LAN ports: RJ-45 ports allow you to connect to your WAN and/or LAN.
Before you connect the ICR appliance to your live network, you may want to configure it according to your network topology and requirements. Please note that each ICR appliance from Freedom9 Inc has been pre-configured with an IP address and one administration account. The default IP address for the ICR appliance is 192.168.1.1 with the subnet mask set to 255.255.255.0. Please make the necessary changes to avoid an IP conflict in...
Sniffer Mode
Link one of the Internet recorder’s ports to the mirror port of the core switch or to any port of the hub.
Figure 4, Deployment - Sniffer Mode...
Administration Login
Connect the administration PC and the ICR appliance’s LAN port to the same hub or switch, and make sure the administration PC is in the same network segment as the ICR appliance. The default IP address for the ICR appliance is 192.168.1.1 with subnet mask 255.255.255.0. Start a web browser (IE or Netscape) and browse to http://192.168.1.1.
Setup Wizard
The first time a user logs in to the system, the Setup Wizard page is displayed automatically. The Setup Wizard guides you through the basic configuration of the ICR appliance; please follow the instructions on each page. This page can also be found under System. The Setup Wizard helps you with the following configurations: Choose display language for the Web interface...
Name Binding:
- Binding to IP addresses: When the system captures network traffic, all the network packets from one IP address are treated as belonging to one user. This method is usually used by corporations that have static IP addresses implemented in their network.
The management interface address must correspond to the company’s environment. Set the IP in the same subnet as the LAN. If the LAN is not in the 192.168.1.x segment, for example if the LAN is in the 172.16.x.x segment, then the interface IP needs to be changed to 172.16.x.x. For your reference, you may configure your management address based on the subnet ranges below: 10.0.0.0 ~ 10.255.255.255...
If the interface IP was changed in the previous steps and the Finish button was clicked, you’ll need to use the new IP address in your web browser in order to log in again.
System Clock Synchronization
Under System Date/Time, select Enable synchronize with an internet time Server (Please adjust system clock with this client, in order to provide the current time for the system. If the local area observes daylight saving time, then select Enable daylight saving time setting.
User Groups Management
Under User List Setting, you can use your own names for the user groups. The number of supported user groups varies depending on which model of ICR appliance you have.
Figure 13, Set the name of department or group
Under User List Logged, the system displays the latest user list it has captured in all the subnets that were configured in previous steps.
3 System
The ICR appliance is managed by the main system administrator. The main system administrator can add or delete any system settings and monitor the system status. The other group administrators (whose names are set by the main system administrator) are not permitted to modify the system settings and can only monitor the system status.
Permitted IPs: list of IP addresses that can log in to the Web interface
Language: language used for page display
Install Wizard: wizard for quick and easy configuration
Logout: log out from the Web interface
Software Update: upgrade the firmware of the ICR appliance
E-mail Setting under System/Setting: once configured, email alerts or reports will be sent out according to the settings.
Administrator Accounts
Each ICR appliance has a built-in user name for administrative purposes. It is called “admin” by default, and it cannot be changed or removed. The system administrator has the privileges to add or remove a group administrator and to manage that administrator’s privileges for accessing the ICR appliance through the web interface.
Interface IP Setup
Interface IP Address
Set up the IP address of the network interface of the ICR appliance.
Figure 18, Interface IP address setup
Ping response can be enabled on the unit, so that the unit responds to a PING test from the administrative PC.
System / Setting
System setting overview
Figure 19, System setting page
This page allows you to initialize the ICR appliance, back up or restore configuration files, perform a factory reset, format the hard drive, repair the database, set up email alerts, and change the deployment mode, the HTTP and HTTPS communication ports, and the retention time for system log message history. It also provides a button for system reboot.
Backup / Restore Configuration Settings
All the customer settings in the ICR appliance can be downloaded and saved to a file on your local computer. This provides a way to get all your settings back in case of a hardware emergency. Click “Download”...
The reboot button starts the system reboot task once it has been confirmed by the administrator. Some tasks, such as “Format hard drive”, “Database repair” and system reboot, may take some time to finish. Some changes to the settings require a system reboot; please save the changes before rebooting.
Date / Time
The date and time settings can be changed to the current computer’s system clock, or be synchronized to an Internet Network Time Server (NTP).
Figure 22, System date/time setting
Synchronize system clock
The IP address of the NTP server is required in order to synchronize the ICR system clock. You can also determine the frequency of the synchronization.
Permitted IP Addresses
Access to the administration Web interface can be limited to certain workstations with specific IP addresses, called “Permitted IP addresses”.
Step 1, Add the Permitted IP Addresses for HTTP, HTTPS and/or PING
Step 2, Disable the HTTP and HTTPS under System/Interface IP page
Figure 23, Add a new Permitted IP Address
Once you click OK, the IP address will be added to the list.
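Before carrying out Step 2, it is worth checking the permitted list offline so that the administration workstation is not locked out and no entry is wider than intended. The following is an added example, not code from the appliance or from Freedom9; the entry layout (address or subnet plus a set of services), the `open_services` parameter and the sample addresses are assumptions made for illustration.

```python
import ipaddress

SERVICES = {"HTTP", "HTTPS", "PING"}

# Constructed sample list: (address or subnet, services permitted from it).
SAMPLE_PERMITTED = [
    ("192.168.1.10", {"HTTPS", "PING"}),   # administration workstation
    ("192.168.1.0/24", {"PING"}),          # whole LAN may ping the unit
    ("10.0.0.0/8", {"HTTP", "HTTPS"}),     # deliberately over-broad entry
]


def parse_entries(entries):
    """Turn (address, services) pairs into (ip_network, frozenset) pairs."""
    parsed = []
    for addr, services in entries:
        unknown = set(services) - SERVICES
        if unknown:
            raise ValueError(f"unknown service(s) {sorted(unknown)} for {addr}")
        # A bare address becomes a /32 network; host bits in a subnet are masked.
        parsed.append((ipaddress.ip_network(addr, strict=False),
                       frozenset(services)))
    return parsed


def is_permitted(entries, source_ip, service, open_services=frozenset()):
    """Would source_ip reach `service` on the management interface?

    open_services models services still enabled for everyone on the
    interface page (assumption); Step 2 corresponds to emptying it.
    """
    if service in open_services:
        return True
    ip = ipaddress.ip_address(source_ip)
    return any(ip in net and service in svcs for net, svcs in entries)


def audit(entries, admin_ip, max_hosts=256):
    """Return (kind, detail) findings to resolve before disabling open access."""
    findings = []
    if not is_permitted(entries, admin_ip, "HTTPS"):
        findings.append(("lockout", admin_ip))
    for net, svcs in entries:
        if net.num_addresses > max_hosts and svcs & {"HTTP", "HTTPS"}:
            findings.append(("broad", str(net)))
        if "HTTP" in svcs:
            # Cleartext management login from this range.
            findings.append(("cleartext-http", str(net)))
    return findings


if __name__ == "__main__":
    entries = parse_entries(SAMPLE_PERMITTED)
    for finding in audit(entries, admin_ip="192.168.1.10"):
        print(finding)
```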
Language
Change the display language of the Web interface. This task does not require a system reboot.
Wizard
The quick and easy way to configure the ICR appliance is to use the Setup/Install Wizard. It guides you through the display language, system clock, system deployment mode, client/user name binding method, the settings of the network interfaces and the subnets for capturing.
Software Update
When a new firmware release is available, you can install it from the “Software update” page. The current firmware version is shown on the page.
Figure 26, Firmware update
Running the update from the LAN is strongly recommended, i.e. using a workstation physically located in the same LAN as the ICR appliance.
Please make sure the firmware is correct for the model you have, to avoid any possible data loss or discrepancy. For more information on new firmware releases, please contact the Freedom9 technical support team.
4 User List
The User List pages allow administrators to manage the user groups and to turn network traffic capturing on or off for all users.
Figure 28, User List menu
Setting
An administrator with the proper privileges can create, modify or remove a user group. The number of user groups that can be managed varies depending on the model of ICR appliance: up to 12 user groups can be created and managed on the ICR1000, and 36 on the ICR2000.
The list of user groups can be saved / exported to a local file on the management workstation, and it can be imported / uploaded from a “.CSV” file.
Figure 30, Save / export user groups to file
Setting – Upload User List
You can download the user list file and then modify the CSV file to add more entries manually.
Logged User List
The ICR appliance comes with automatic IP or MAC address discovery. It scans all the network traffic passing through and binds each address to a user name if a computer name can be recognized; all the subnets will be identified. Users are classified by subnet and listed on the “User List / Logged”...
Logged User List – modify a user
Click on any user to modify its details. You can assign a new user name, change or assign the group name, or move the user to the Ignore List.
Figure 33, Modify a user - 1
Figure 34, Modify a user - 2...
Logged User List – Search
You can search for a user in the subnet by clicking the search icon, as shown in the picture below.
Figure 35, Search for a user
Once you click the search icon, a pop-up browser window displays the search dialogue box.
Logged User List – Add new subnet to the group
To add a new subnet to the group, click the “Add” button.
Figure 38, Add a new subnet to the user group
Figure 39, Add a new subnet – Example
After you click the OK button, the new subnet will be added and shown,...
Logged User List – Dept/Group View
To view the users under each group, click the “Department/ Group” link at the top; the page will change to the user group view.
Figure 40, User List - Group View
You can also move a “Logged”...
Ignored User List
This page gives you the list of ignored users, as shown in the picture below. To capture the network traffic from/to an ignored user again, check the box to the left of the user and click the “Logged” button. All the users on the internal network will be discovered and displayed on the User List / Logged page.
5 Instant Messaging Management
IM (Instant Messaging) management gives the system administrator flexibility and convenience in managing IM access. In bridge mode, the ICR appliance can be configured to grant or deny IM access based on account or IM application.
Figure 45, IM Login Notice - configuration
Login Notice - Examples
Here’s an example of the notification in MSN Messenger clients. Once the user has successfully signed on to the MSN server using an MSN client, an MSN conversation window pops up with the notification text message configured in the ICR web interface.
Figure 46, IM Login Notice – MSN Example
Here’s an example of a NetBIOS message:
Figure 47, IM notice - NetBIOS example
Example for ICQ,...
Authentication
IM access can be managed with IM Authentication. The system administrator may adopt one of the four available authentication methods, namely User, RADIUS, POP3 and LDAP, to regulate internal users’ access to instant messaging.
Setting
The Authentication Message is used to prompt users when they try to sign on from the IM client.
Rules
Default Rule
IM access can be regulated based on the IM clients (including web-based clients). For newly detected IM users, the default rule will be applied.
Figure 50, IM Authentication - Default Rules...
Account Rule
Accounts are classified into three categories, namely default account, accept account and drop account. The system administrator may regulate IM access by placing users in different account categories.
Figure 51, IM Authentication - Account Rules
Click the top bar to choose different rules for supported IM protocols.
6 P2P Management
When the ICR appliance is working in Bridge mode, it can be used to allow or block P2P (Peer to Peer) network traffic passing through. The system administrator may grant or deny access to P2P applications based on the protocol or the user.
User Rule
Accounts are classified into three categories:
Default accounts
Accept accounts: the user is allowed to use the P2P protocol
Drop accounts: the user is not allowed to use the P2P protocol; the request will be dropped.
To move the two users to the Drop accounts list, just click the link that says “to Drop”,...
7 Record
This section allows the administrator to configure how the ICR appliance captures network traffic, and to search, view, download or remove the captured records according to network protocol or user name.
Setting
Under Record / Settings, you’ll find the configuration page for the general capture settings.
Signature Pattern Update (Web Mail, IM, P2P)
In order to efficiently filter emails and inspect the use of IM and P2P software, the signature patterns need to be updated from Freedom9’s update server. For authorized customers of the ICR appliance, the system will automatically check for a signature pattern update at a certain time each day (randomly determined by the appliance).
LAN to LAN Recording
The ICR appliance is capable of recording data transmission among LANs. Checking this option is suggested for the scenario in which users access the Internet through an on-site proxy server.
The maximum entries to be displayed
This option allows you to specify the number of records per page to be displayed on the Web interface; any integer value from 10 to 200 is valid.
HTTP cache setting
This option allows you to keep a copy of the HTTP web pages visited by the user. If it’s checked, a snapshot of the visited pages will be saved to the local hard drive. Otherwise, only the URL of the link will be kept.
Record - User
Displays all the captured records by user per day.
Figure 57, Captured data by user
Move the mouse over the user name for details. To switch to the department / group view, click the button called “Department/Group”. Click the user name / IP address to show the pop-up menu for that user, from which you can navigate to the user’s records for all protocols.
Recorded Service
The Service section lists the protocols that can be captured by the current firmware. In the current firmware, the ICR appliance supports all major protocols used in network communication, including SMTP, POP3, IMAP, HTTP, IM, Web SMTP, Web POP3, FTP and Telnet.
To forward a copy of messages to a specific recipient, tick the check boxes in front of the messages that you want to forward, and then click the Forward icon.
Figure 61, Records Captured - Forward
To search for records or define the search criteria, click the Search icon; the search page will be displayed.
The search result will look like this, with all the keywords highlighted, as shown below. All records are displayed per day. To save the search result to a local file, click the “Download” button on the search page.
Figure 63, Download the search result...
POP3/IMAP Messages
It captures and archives all the emails received by the email clients.
Figure 64, Records Captured - POP3/IMAP
To search for records or define the search criteria, click the Search icon; the search page will be displayed. Depending on the data volume, the search in the email database may take some time.
HTTP Records
It captures and archives all the visited URL addresses and web page contents.
Figure 65, Records Captured - HTTP
To search for records or define the search criteria, click the Search icon; the search page will be displayed.
IM – Instant Messaging
It captures and archives the source addresses, conversation details and display names of an instant messaging chat. It can also capture and archive files transferred during the text conversation.
Figure 66, Records Captured - IM
More examples of captured IM chats:
To search for records or define the search criteria, click the Search icon; the IM search page will be displayed.
Web SMTP Messages
It captures and archives web-based emails sent from the web mail server. Depending on the model and firmware version, the supported web-based email servers may vary. Currently the ICR appliance supports web mail service provided by Yahoo, GMail, Hotmail, Seednet, PChome, Hinet, Sina, Sohu, 163, 126, Yam and Tom.
Web POP3 Messages
It captures and archives emails received through web-based email servers. Depending on the model and firmware version, the supported web-based email servers may vary. Currently the ICR appliance supports web mail service provided by Yahoo, GMail, Hotmail, Seednet, PChome, Hinet, Sina, Sohu, 163, 126, Yam and Tom. Below is an example of the records captured through Web POP3 communication. To view the email message, simply click on the URL under the “Subject”...
Record – FTP Sessions
It archives files transferred via the FTP protocol.
Figure 69, Records Captured – FTP
To download a captured FTP transfer, click the URL under the “File Name” column.
Figure 70, Records Captured - FTP, download a copy
A pop-up window will prompt you to save or open the file.
Record – Telnet Sessions
It records the details of a session communicated through the Telnet protocol.
Figure 71, Records Captured – Telnet Sessions
To view the details of the session, click the icon under the Detail column. The screenshot below is an example of a captured Telnet login.
Figure 72, Telnet Session Details...
8 Flow Analysis
Flow Analysis includes Today Top-10, History Top-N and Flow Statistics, which give the system administrator instant insight into bandwidth usage, based on users and services (network protocols). This feature is included in certain models of the ICR appliance, for example the ICR2000.
Today Top-10
The top 10 bandwidth usage chart by users and services.
Chart of Traffic vs. Time
X-axis indicates the traffic flow sampled in bits per second.
Y-axis indicates time.
Blue line signifies the continuous variation of the major services
Brown line signifies the continuous variation of other services
Gray line indicates the continuous variation of all services
Bandwidth usage by users.
Detailed statistics per user can be displayed by clicking on the user name with the URL link.
History Top-N
The top 10 users of bandwidth and the most frequently used services over a specific period of time are displayed. Page navigation is provided in order to view the data for all the users.
Figure 75, Flow Analysis - Top N
In the Service Top N view of History statistics, all the services are displayed in pages.
The Web interface allows the administrator to send a copy of the report by email; the recipient will get an email with a PDF-formatted report attached. The administrator can also download the report to the local hard drive for future reference, by clicking the “Download”...
9 Anomaly Flow IP
When the corporate network is under a DoS (or DDoS) attack, the ICR appliance will take actions (such as sending alerts) to protect the internal network. This chapter discusses the functionality and application of Anomaly Flow IP.
Overview
Threshold sessions of anomaly flow (per Source IP): Threshold value to identify the anomaly flow.
Anomaly Flow IP Setting
When the number of concurrent sessions from an IP address exceeds the threshold, the ICR appliance treats the IP address as an anomaly flow IP, blocks data sent from it and sends an email alert notification to the designated email address. If the “Enable Anomaly Flow IP Blocking”...
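The per-source threshold rule described above can be reproduced over a session log to see what a given threshold would flag before it is set on a live network. This is an added example, not the appliance's implementation; the event format, the `block_enabled` switch standing in for the blocking option, the choice to alert once per source, and the sample addresses are all assumptions.

```python
from collections import defaultdict


class AnomalyFlowMonitor:
    """Counts concurrent sessions per source IP against one threshold."""

    def __init__(self, threshold, block_enabled=True):
        self.threshold = threshold
        self.block_enabled = block_enabled
        self.active = defaultdict(set)   # src_ip -> ids of open sessions
        self.flagged = set()             # sources treated as anomaly flow IPs
        self.alerts = []                 # one record per newly flagged source
        self.dropped = 0                 # session opens refused while blocked

    def feed(self, ts, kind, src, session_id):
        if kind == "close":
            self.active[src].discard(session_id)
            return
        if kind != "open":
            raise ValueError(f"unknown event kind: {kind!r}")
        if self.block_enabled and src in self.flagged:
            # Blocking is on: traffic from a flagged source is not admitted.
            self.dropped += 1
            return
        self.active[src].add(session_id)
        count = len(self.active[src])
        # "Exceeded the threshold" is read as strictly greater than.
        if count > self.threshold and src not in self.flagged:
            self.flagged.add(src)
            # Stand-in for the email alert: record when and how many.
            self.alerts.append({"src": src, "time": ts, "sessions": count})


def sample_events():
    """Constructed events: (timestamp_s, kind, src_ip, session_id)."""
    events = []
    # 192.168.1.20: six short sessions, never more than one open at a time.
    for i in range(6):
        events.append((i * 10, "open", "192.168.1.20", f"a{i}"))
        events.append((i * 10 + 5, "close", "192.168.1.20", f"a{i}"))
    # 192.168.1.66: eight sessions opened one second apart and never closed.
    for i in range(8):
        events.append((100 + i, "open", "192.168.1.66", f"b{i}"))
    return events


def run_sample(threshold, block_enabled):
    monitor = AnomalyFlowMonitor(threshold, block_enabled)
    for event in sorted(sample_events(), key=lambda e: e[0]):
        monitor.feed(*event)
    return monitor


if __name__ == "__main__":
    m = run_sample(threshold=4, block_enabled=True)
    print(m.alerts, "dropped:", m.dropped)
```

A host that opens many short sessions in sequence is not flagged, because the count is of sessions open at the same moment rather than sessions per time window.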
Virus Infected IP
A list of computers that might be infected by a virus. When a DDoS attack occurs, the ICR appliance adds an entry to the list and sends out an alert by email and/or NetBIOS notification.
Intrusion IP
All possible intrusions from the Internet detected by the ICR appliance are listed, including the source IP address and the time the event happened. The administrator can click the “Clear” button to remove all the records in the list, or click “Download”...
10 Local Disk
All the captured records of network traffic are stored on the built-in hard disk. The Web interface of the ICR appliance provides a summary report of disk space usage by network protocol and user. The administrator may decide the storage time for the records of every network protocol.
Disk Space
This page gives you the usage report for the built-in hard drive space. Depending on the model of ICR appliance, the disk capacity may vary. The report also shows the space used by all the protocols that have been captured, and the space used by each individual captured user (identified by IP or MAC address).
A different color is used for each protocol, which makes the chart easy to read.
Figure 87, Disk space usage details (continued)
11 Remote Backup
Running short of storage is always a disaster, especially when valuable information must be archived for long-term storage. The ICR appliance features Remote Backup, which runs automatically to create a copy of the captured records on a remote storage device, such as a NAS (Network Attached Storage) device or a network share.
Settings
Backup Settings
Figure 89, Remote Backup - Backup Settings
Connection Status of Remote Hard Disk
Displays the access validity, assigned access privilege (read/write), space requirement for the next backup and currently available space of the remote storage.
E-mail Setting
Once enabled, the designated recipient(s) will receive an e-mail notification about the completion of the backup.
Backup Setting
Determines which service, location and schedule to back up.
Backup Immediately
Performs a backup of all the services / protocols for a particular period. Once the duration is defined, the required hard drive space will be displayed on the screen.
Browse
Under Browse, the menu lists all the major network services supported by the ICR appliance. Click a service name to show its captured records. To search in the same service, click the search icon;...
12 Report
Report gives the system administrator quick insight into network traffic and storage space utilization with graphical charts, improving the management of the corporate network.
Setting
Settings – Scheduled Report / Periodic
Under Report Settings, you can define how the report will be generated and sent to the administrator’s email address (which is defined in the System/Settings/Email settings).
Figure 95, Daily Report by Users (partial)
Schedule for periodic report:
1. Yearly report gets generated at 12:00 am on January 1st of the year.
2. Monthly report gets generated at 12:00 am on the first day of the month.
3. Weekly report gets generated at 12:00 am on the first day of the week.
4.
Storage Report
Storage Report shows bar charts of disk usage, indicating the disk space utilization of each service. It can be viewed by day, week, month or year.
How to read the chart:
Y-axis indicates the used disk space in MB.
X-axis indicates time.
13 System Status
The System Status page shows the resource usage, session count and system event log of the ICR appliance.
System Info
Includes the usage of CPU, hard disk, memory and RAM disk; each is illustrated separately in its own histogram.
Current Session
This page shows the active sessions created by each service, such as HTTP, FTP, POP3, SMTP, IM, Telnet, Web Mail and P2P.
Figure 99, System Status - Current Session
Records can be searched by criteria such as service, status, protocol, source IP, destination IP and port number, as keyword or pattern.
Event Log
This page shows all the system events of the ICR appliance. Older events are removed from the system based on the event log expiration defined in the “System / Settings / Log storage time” area.
Figure 101, Status - Event Log
To view more information about an event, click the icon under “Detail”...
14 Technical Support
Online Support
All troubleshooting tips are updated and published on Freedom9’s official Web site. Please check the support page www.freedom9.com/support for the latest technical articles, frequently asked questions, success stories etc.