• Comprehensive, Extensible Record/Reply/Audit Capability

    • Build-in Firewall. It gives you “Control and Audit” capability in one box. Even you can consider to replace your internal firewall with Session Auditor.
    • Real-time Session Monitoring. Active sessions are monitored in real-time, gaining instant visibility into operations on your critical servers.
    • Real-time Audit. Administrators and auditors can take action immediately on suspicious behaviour once it occurs.
    • Real-time Session Terminating. Session Auditor allows you to download and replay active sessions. If you find any policy-violating activities in these sessions, you can terminate them in real time to prevent further damage.
    • Script-based Auditing. You can use auditing scripts to search and locate specific activities such as password guessing, file deleting, application launching in monitored sessions.
    • Keyword Searching. You can quickly locate interested activities in text-based session by keyword searching.
    • VCR-like Session Replay. Provides maximum visibility and convenience of what’s happening in IT system. No need to rebuild remote user behavior from hundreds or even thousands of logs.
    • Tampering-proof Data Storage. Session Auditor stores audit data in dedicated storage appliance called Datacenter, except be dumped-then-deleted by administrator with dump privilege, no one else can delete or modify these data. By contrast, competitor products save audit data in local or remote folder of the servers, or save audit data in standard Microsoft SQL server. In both cases, there are risks that the audit data been deleted or tampered.
    • Powerful Reporting. Provide visibility into overall and detailed IT system running status. This also help build a network behavior baseline for the IT systems.

  • Easy and Straightforward Deployment

    • Network-based Solution. No impact to server performance and stability. By contrast, server-based software solutions may generate significant overhead to server performance, storage space and stability. Besides, the auditing process may be killed by privileged users and audit data have the risk of being deleted or tampered.
    • Transparency. You don’t have to change network and server configuration. The whole network environment keeps untouched after the Session Auditor deployment.
    • Hierarchical Deployment. Provides maximum scalability to meet growing needs of auditing requirement, covering large scale, distributed networks.
    • VLAN Trunk Deployment You can deploy Session Auditor Sensor on the VLAN trunk to monitor multiple VLANs simultaneously.

  • Out of Box Support Most of Protocols In Your Network

    • RDP, SSH, SFTP, SCP, X11, HTTPS, HTTP, SMTP, POP3, FTP, Telnet, Citrix ICA, VNC, HP RGS, Rlogin, CIFS, Samba, MSSQL, Oracle, Sybase
    • It’s a long list, right? It is growing …

  • Strong and Flexible Management and Administration Capability

    • Integrated Console. All configuration, management, monitoring and auditing tasks can be accomplished using a single integrated GUI Console. Most of competitive products need separated program to replay and analyzing recorded data.
    • Adminhost Control. Only allowed specified host can connect to the appliance using GUI Console.
    • Role-based User Management You can create multiple system accounts with different combinations of privileges.
    • Real Time Alert Allow you to immediately pinpoint the network or system fault and promptly eliminate it.
    • Centralized Online Upgrading. You can easily upgrade the Session Auditor through GUI Console. By contrast, for server based solutions, you have to login into every server to install the upgrade packages.
    • Appliance Time Synchronization. This ensures the time accuracy of audit records.
    • Syslog. You can send out the suspicious activities and system events to a syslog server in order to integrate with high level monitoring systems, e.g. a SOC.