For Your Secure Network

- 1. For Monitoring and Preventing Information Leakage
- Set up Right under a Firewall -
A firewall prevents viruses and attacks from outside the network.
But in the case of an information leak, the real problem is "the
contents" of communication from the inside of the network.
This is an example system for investigating communication
from the inside to the outside. The flow quantity will increase,
because the capture point is not limited to a narrow range such as
the entrance of a DMZ. Depending on the situation, narrowing down
the contents by using "an acquisition filter" should be considered.

- 2. For Detection of Security Violations in a Network as an IDS
- Set up Right under a Router -
This example is for the study and inspection of a firewall.
Attacks against a firewall are not left in the firewall's logs, and
communication blocked by the firewall is not recorded
by the firewall. In this case, because the flow quantity increases,
it is necessary to enable only the IDS function and reduce
operation

- 3. For Recording the Specified Communication
- Set up in the Entrance of DMZ -
This system is used to record only email, or to record only
web use. It enables acquisition of communication from the
outside to an email server or a certain web server in the DMZ,
and of communication forwarded from an email server in the DMZ
to an email server in the LAN.
This system can also be applied to cases where a specified
individual is watched.

- 4. For Unified Management of Multiple Networks
- Plural Machine Recording-Analysis Management Unification Clusters -
When it is inefficient to operate and manage a separate Packet Black
Hole for each network, such as those of a development department and
a sales department, this example can integrate management. That
is because the data of all nodes can be consulted just by accessing
one cluster controller in this system. In a simple distributed
system, the screen of the Packet Black Hole in each network has to
be consulted separately.

- 5. For Analysis of Large Data Flows
- A Recording-Analysis Separation Cluster -
This system acquires every piece of data reliably by separating the
recording part from the analysis part. Even if an error
occurs on a machine for analysis in this system, a machine
for recording can continue recording data without being affected.
Because the acquisition part uses a high-speed SCSI disk that works
stably, there is less packet loss than with a
simple separate system.
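
The "acquisition filter" mentioned in example 1, narrowed to the email and web traffic that example 3 records, can be pictured as a per-frame decision. The following is an added example, not PacketBlackHole's own filter syntax or code; the inside range 192.168.1.0/24, the ports 25/80/443, and the names `classify` and `build_frame` are assumptions.

```python
import ipaddress
import struct

# Assumptions for this example (not from the page): inside LAN range and ports.
INSIDE_NET = ipaddress.ip_network("192.168.1.0/24")
RECORD_PORTS = {25: "mail", 80: "web", 443: "web"}  # TCP destination ports


def classify(frame: bytes):
    """Return 'mail' or 'web' if the Ethernet frame should be recorded, else None."""
    if len(frame) < 14:
        return None
    ethertype = struct.unpack("!H", frame[12:14])[0]
    offset = 14
    if ethertype == 0x8100 and len(frame) >= 18:  # skip one 802.1Q VLAN tag
        ethertype = struct.unpack("!H", frame[16:18])[0]
        offset = 18
    if ethertype != 0x0800:  # IPv4 only
        return None
    ip = frame[offset:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        return None
    ihl = (ip[0] & 0x0F) * 4  # header length varies with IP options
    if ihl < 20 or len(ip) < ihl + 4 or ip[9] != 6:  # need TCP ports
        return None
    if struct.unpack("!H", ip[6:8])[0] & 0x1FFF:  # later fragment: no TCP header
        return None
    src = ipaddress.ip_address(ip[12:16])
    dst = ipaddress.ip_address(ip[16:20])
    if src not in INSIDE_NET or dst in INSIDE_NET:  # keep inside -> outside only
        return None
    dport = struct.unpack("!H", ip[ihl + 2:ihl + 4])[0]
    return RECORD_PORTS.get(dport)


def build_frame(src: str, dst: str, dport: int, proto: int = 6) -> bytes:
    """Construct a minimal sample frame (Ethernet + IPv4 + 20-byte L4 header)."""
    eth = b"\x02" * 6 + b"\x06" * 6 + struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, proto, 0,
                     ipaddress.ip_address(src).packed,
                     ipaddress.ip_address(dst).packed)
    l4 = struct.pack("!HHIIBBHHH", 40000, dport, 0, 0, 0x50, 0x02, 65535, 0, 0)
    return eth + ip + l4


if __name__ == "__main__":
    # Constructed sample traffic; 203.0.113.5 is a documentation address.
    for args in [("192.168.1.10", "203.0.113.5", 25), ("192.168.1.10", "203.0.113.5", 80),
                 ("192.168.1.10", "192.168.1.20", 80), ("203.0.113.5", "192.168.1.10", 25)]:
        print(args, "->", classify(build_frame(*args)))
```

Frames that are truncated, non-IPv4, non-TCP, or later IP fragments are dropped rather than guessed at, which is the trade-off of filtering at acquisition time: anything the filter discards is not available for later analysis.
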
-Necessary Operations
After setting up "PacketBlackHole", you must check the following 4 points.
1. Set up your network system in the "Administration" page of "PacketBlackHole".
2. Set up your administrative host in the "Administration" page of "PacketBlackHole".
3. Check whether the hub's lamp, which is on the back of "PacketBlackHole", turns on.
4. Check whether the inside LAN and that server are able to access the outside.
-Check Points
1. When a network cable is inserted, does the hub's lamp turn on?
2. Is the power cable completely inserted?
3. Is the power switch on the back set correctly? (It must be toward one side.)
4. Are you sure you are not using the "10 Base PacketBlackHole" on a 100 Base-only network?
-Usages
1. By remote operation
"PacketBlackHole" has the initial IP address "192.168.1.240".
For setup, open the URL http://192.168.1.240/ in a browser on a computer whose IP address is between "192.168.1.1" and "192.168.1.254".
After that, an ID and password are requested; enter "pbh" as the ID, and the password which is written in the Web password of the guide.
NB.)
If there is already a machine which has the IP address "192.168.1.240", don't access that network.
2. By local operation
If you start up "PacketBlackHole" with a monitor, a keyboard and a mouse, you can log in to it directly. Enter "pbh" as the account, and the password which is written in the pbh's password of the guide.
Double-click the "N" icon on the right side.
-About functions
For more detail, please visit the actual administrative page.
1. System Configurations
To set up the network configuration, the administrative host, shutdown, restart, upgrade, etc. in "PacketBlackHole".
2. Web Analysis
To check the visited Web sites.
3. Mail Analysis
To check the e-mail's title, sender, body, attachment, etc.
4. Intrusion Analysis
To get the original packets and analyze them. This function requires a high level of network know-how.