Stethoscope | Network analyzer Сapabilities – Stethoscope | NetworkAnalytics
rus / eng  

Сapabilities

The Stethoscope has two development priorities being the free of charge client version and the major business version. Both versions share the same core but use different methods of infrastructural integration and different component performance. Implementation peculiarities impose certain restrictions on the functions provided. There is a complete comparison table of two versions.

Real-Time Operation

Retrospective analysis of network activity is supplemented with possibility of analyzing network traffic on a real time basis based on accumulated data.
The program allows analyzing encrypted (SSL/TLS) traffic and controlling user network activity as well as tracking network activity of operating systems and programs.

Whole Traffic Recording

Saving the whole network traffic to discs with possibility of export and user-friendly adaptive configuration of the storage interval
.

Traffic Indexation and Classification

Indexation and classification of traffic using different parameters such as addresses, protocols, content, etc.
Controlling user network activity on the internet and tracking network activity of operating systems and programs.

Network Statistics Analysis

User-friendly tools for analyzing statistics of accumulated data on recorded network traffic.

Geolocation


High-quality identification of geographic locations of internet addresses.

Flexible Reporting System

Traffic under control: Illustrative visualization system with numerous reports.

Comparison Table of Stethoscope Free and Enterprise Versions

Capabilities Free Enterprise Comment
Whole traffic recording + +
Recording of encrypted SSL/TLS traffic + + [In the roadmap for Enterprise]
Indexing the whole recorded traffic in the near real-time mode + +
Dynamic identification of protocols + +
Dynamic identification of geographic locations of internet addresses + +
Provision of lists of network interaction protocols used by the host + +
Provision of data on intensiveness of network resource usage by the PC + +
Provision of statistic data on usage of internet resources including frequency of site visits, outgoing and incoming traffic volume for each internet site + +
Provision of statistic data on traffic with the ability to view information on each network communication session of the user in the network +
Provision of statistic data on traffic with the ability to view information on each network session of local host interaction +
Provision of the list of local hosts interacting in the network +
Provision of statistic data on traffic with the ability to view information on each network session for interaction of OS processes including core and system processes +
Provision of the list of processes interacting in the network +
Extracting and recording of application protocol objects such as emails, files, messages, internet addresses, email addresses, URLs, site names, user names and many other things + + [In the roadmap]
Indexing of application protocol objects to allow quick search and grouping by addressees, names and types of objects, and contents of objects + + [In the roadmap]
Provision of statistics on application protocol objects + + [In the roadmap]
Provision, including export, of application protocol objects and statistics for review and use as evidence during incident investigations + + [In the roadmap]
Displaying in the program interface and export of contents of user and host interaction networking sessions including decrypted data. + + [In the roadmap]
User Plugins + + [In the roadmap]
Routing decrypted sessions to third-party analyzers in the original traffic format + [In the roadmap]
Automatic identification of outgoing content using pre-set parameters with possible blocking or replacing the content partially + [In the roadmap]
Automatic identification of suspicious network activity of hosts with possible blocking + [In the roadmap]

Stethoscope Free

Fully functional operating version of the program for personal use solving basic problems of control and analysis of network activity.

Version history

    04/11/2018 1.5.6
    • - Low values became more noticeable on the gross graph;
      - Detailed description of the errors displayed to the user has been added;
      - Keyboard control in the content display area of sessions has been added;
      . . .
    01/31/2018 1.5.5
    • - The possibility of filter network sessions by DNS node names has been added;
      - The possibility of search in the network session content window has been added;
      - The possibility of multiple choice of network sessions for export to a file has been added;
      . . .
    10/13/2017 1.5.4
    • - Possibility of viewing the session data directly in the Console was added
      - Possibility of exporting the displayed session data with obtaining of all session data in advance was added;
      - Current status indication for the indexation and saving services, and the application server was added;
      . . .