Capabilities
Stethoscope is developed in two versions: the free-of-charge client version and the major business version. Both versions share the same core but differ in how they integrate with the infrastructure and in component performance. Implementation specifics impose certain restrictions on the functions each version provides. A complete comparison table of the two versions is given below.
Real-Time Operation
Retrospective analysis of network activity is supplemented by the ability to analyze network traffic in real time based on accumulated data.
The program can analyze encrypted (SSL/TLS) traffic, control user network activity, and track the network activity of operating systems and programs.
Whole Traffic Recording
Saving all network traffic to disk, with the ability to export it and user-friendly adaptive configuration of the storage interval.
Traffic Indexation and Classification
Indexation and classification of traffic using different parameters such as addresses, protocols, content, etc.
Controlling user network activity on the internet and tracking the network activity of operating systems and programs.
Network Statistics Analysis
User-friendly tools for analyzing statistics of accumulated data on recorded network traffic.
Geolocation
High-quality identification of geographic locations of internet addresses.
Flexible Reporting System
Traffic under control: Illustrative visualization system with numerous reports.
Comparison Table of Stethoscope Free and Enterprise Versions
Capabilities | Free | Enterprise | Comment |
---|---|---|---|
Whole traffic recording | + | + | |
Recording of encrypted SSL/TLS traffic | + | + | [In the roadmap for Enterprise] |
Indexing the whole recorded traffic in the near real-time mode | + | + | |
Dynamic identification of protocols | + | + | |
Dynamic identification of geographic locations of internet addresses | + | + | |
Provision of lists of network interaction protocols used by the host | + | + | |
Provision of data on the intensity of network resource usage by the PC | + | + | |
Provision of statistical data on usage of internet resources, including frequency of site visits and outgoing and incoming traffic volume for each internet site | + | + | |
Provision of statistical data on traffic with the ability to view information on each network communication session of the user in the network | + | – | |
Provision of statistical data on traffic with the ability to view information on each network session of local host interaction | – | + | |
Provision of the list of local hosts interacting in the network | – | + | |
Provision of statistical data on traffic with the ability to view information on each network session for interaction of OS processes including core and system processes | + | – | |
Provision of the list of processes interacting in the network | + | – | |
Extracting and recording of application protocol objects such as emails, files, messages, internet addresses, email addresses, URLs, site names, user names and many other things | + | + | [In the roadmap] |
Indexing of application protocol objects to allow quick search and grouping by addressees, names and types of objects, and contents of objects | + | + | [In the roadmap] |
Provision of statistics on application protocol objects | + | + | [In the roadmap] |
Provision, including export, of application protocol objects and statistics for review and use as evidence during incident investigations | + | + | [In the roadmap] |
Display in the program interface and export of the contents of user and host networking sessions, including decrypted data | + | + | [In the roadmap] |
User Plugins | + | + | [In the roadmap] |
Routing decrypted sessions to third-party analyzers in the original traffic format | – | + | [In the roadmap] |
Automatic identification of outgoing content using pre-set parameters, with the option of blocking or partially replacing the content | – | + | [In the roadmap] |
Automatic identification of suspicious network activity of hosts, with the option of blocking | – | + | [In the roadmap] |