BitAware Network Monitor
BitAware is a professional network analyzer (also known as a network sniffer or packet sniffer). It performs real-time packet capture, 24/7 network monitoring, advanced protocol analysis, in-depth packet decoding, and automatic expert diagnosis. It gives you a clear view of a complex network and lets you control user activity and troubleshoot network problems.
Key Features
- Real-time and 24/7 network monitoring
- Gbps traffic, zero drop ratio
- Advanced protocol analyzing and in-depth packet decoding
- Monitor real-time network utilization
- Per-user and per-subnet performance detecting
- Total limit & control of network activity
- Intelligently identify dangerous users & hosts
- Automatic and expert network diagnosis
With the help of BitAware, you can easily accomplish the following tasks:
1. Network traffic analysis
2. Network communication monitoring
3. Network problems diagnosis
4. Network security analysis
5. Network performance detecting
6. Network activity control
Features
-Traffic chart
Show the network traffic of the most recent 30 minutes in a chart.
-Traffic statistics
Show several traffic statistics, including total packets / bytes, HTTP clicks, mail amount, FTP files, chat message amount, etc.
-Traffic billboard
List top 10 traffic-exhausting users / hosts.
-Internal host monitor
View traffic details of all hosts in the local network, including flow statistics, current traffic load, alive TCP connections, TCP SYNs, and performance status (Drop Ratio, Bandwidth, Transfer Delay, etc.).
-External host monitor
View traffic details of all hosts on external networks. This helps to find out which external hosts local users communicate with most frequently.
-Interested host monitor
View traffic details of hosts of interest, which can be pre-defined by IP address.
-HTTP activity monitor
Record & display HTTP activities; every web click is recorded in real time.
-Mail monitor
Record & display all mail sent / received over the POP / SMTP protocols, with detailed information on from / to mail addresses, subject, and attachment name. Mail content can be saved as an Outlook file if you wish.
-FTP monitor
Record & display all FTP activities, record and save transferred FTP files.
-Telnet monitor
Record & display all Telnet commands.
-MSN message monitor
Record & display all MSN chat messages.
-Traffic statistics
Display flow statistics, group by protocol and subnet.
-Performance view
Display performance status of all local subnets.
-Passive mode firewall
When connected to the network through a hub, the passive mode firewall can cut off and disable any TCP connection you choose.
-Keyword alert & prevent
Define several keywords. When any of these keywords appears in a packet of a TCP connection, a warning alarm is triggered, and further communication can be prevented automatically if you wish.
-Website blacklist
Prevent accessing any pre-defined website.
-Alias management
Define alias for local hosts, both MAC & IP address supported.
-Traffic alarm
Intelligently identify dangerous users & hosts. This feature is based on deep analysis of traffic payload, TCP SYN amount, web request amount, etc. It helps to find DoS attacks or malicious users in real time.
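The TCP SYN amount that this kind of traffic alarm relies on can be computed per source host from captured packets. The following is an added example, not BitAware's code; the one-second window, the 20-SYN threshold, the function names and the sample packets are assumptions constructed for illustration.

```python
import struct
from collections import defaultdict, deque

SYN, ACK = 0x02, 0x10
WINDOW_S, SYN_LIMIT = 1.0, 20   # assumed thresholds, not BitAware's

def parse_ipv4_tcp(pkt):
    """Return (src_ip, flags) for an unfragmented IPv4/TCP packet, else None."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4 or pkt[9] != 6:
        return None
    ihl = (pkt[0] & 0x0F) * 4                      # IP options shift the TCP header
    frag_offset = struct.unpack("!H", pkt[6:8])[0] & 0x1FFF
    if ihl < 20 or frag_offset or len(pkt) < ihl + 14:
        return None                                # later fragments carry no TCP flags
    return ".".join(map(str, pkt[12:16])), pkt[ihl + 13]

def syn_alarms(records, window=WINDOW_S, limit=SYN_LIMIT):
    """records: time-ordered (timestamp, raw IPv4 packet). Returns {src: peak SYNs per window}."""
    recent, alarms = defaultdict(deque), {}
    for ts, pkt in records:
        parsed = parse_ipv4_tcp(pkt)
        if parsed is None:
            continue
        src, flags = parsed
        if flags & SYN and not flags & ACK:        # connection attempts only, not SYN/ACK replies
            q = recent[src]
            q.append(ts)
            while ts - q[0] > window:              # drop SYNs that fell out of the window
                q.popleft()
            if len(q) > limit:
                alarms[src] = max(alarms.get(src, 0), len(q))
    return alarms

def build_packet(src, dst, dport, flags):
    """Constructed sample data: minimal IPv4 + TCP headers, checksums left at zero."""
    addr = lambda ip: bytes(int(p) for p in ip.split("."))
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0, addr(src), addr(dst))
    return ip + struct.pack("!HHIIBBHHH", 40000, dport, 0, 0, 0x50, flags, 8192, 0, 0)

def sample_records():
    """Constructed capture: one host opening 30 connections in 0.3 s, one normal client."""
    recs = [(i * 0.01, build_packet("192.168.1.50", "10.0.0.5", 1000 + i, SYN)) for i in range(30)]
    recs.append((0.0, build_packet("192.168.1.10", "10.0.0.5", 80, SYN)))
    recs.append((0.02, build_packet("10.0.0.5", "192.168.1.10", 40000, SYN | ACK)))
    recs += [(0.03 + i * 0.01, build_packet("192.168.1.10", "10.0.0.5", 80, ACK)) for i in range(40)]
    return sorted(recs, key=lambda r: r[0])

if __name__ == "__main__":
    print(syn_alarms(sample_records()))
```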
System requirements
Recommended requirements:
P4 3.0G CPU
1 GB RAM or more
Supported Windows Platforms:
Windows 2000 (SP 4 or later)
Windows XP (SP 1 or later) and x64 Edition
Windows Server 2003 (SP 2 or later) and x64 Edition
Windows Vista and x64 Edition
Notes:
You are required to have "Administrator" level privileges on a supported operating system in order to load and unload device drivers, or to select a network adapter for the program to capture packets on.
Install with a shared hub
If your network switch has no management function and your network is not large (bandwidth between the LAN and the internet is less than 10 Mbps), a shared hub is recommended.
Hubs are commonly used to connect segments of a LAN. When a packet arrives at one port, it is copied to the other ports so that all segments of the LAN can see all packets. A passive hub serves simply as a conduit for the data, enabling it to go from one device (or segment) to another.
With a shared hub, all network data transmitted through the hub is captured, including all communication between the LAN and the internet.
Another advantage of a shared network is that BitAware's firewall function is available: BitAware is able to send fake TCP SYN / FIN packets, which help to cut off unwanted or dangerous TCP connections.
Topology illustration 1
Install with port mirroring
Most modern switches (managed switches) support "port mirroring", a feature that allows you to configure the switch to copy the traffic on some or all ports to a designated monitoring port on the switch. With this feature, you can monitor the entire LAN segment in a switched network environment.
To install with port mirroring, configure your LAN switch, designate a monitoring port, then install BitAware on this monitoring port (mirror port / SPAN port).
Mirror port configuration:
-Mirror the outbound port to the management port (mirror port). In this way, all data transmitted into / out of the LAN can be monitored.
-Mirror all outbound ports to the management port (mirror port). In this way, not only all data transmitted into / out of the LAN but also the communication among hosts in the LAN can be monitored. (Recommended)
Note: Switches from different brands may use different mirror port configurations; please refer to the instructions that came with your switch.
Topology illustration 2