NetSpective^® Technical Description

NetSpective is a network appliance that monitors a LAN for HTTP, FTP, and NNTP resource requests using the SideScan filtering technology. It can be configured to enforce the management of established Internet usage policies or to simply log requests made on these services, appending category flags to them. For additional flexibility, NetSpective can also be configured to take no action with regard to any of the above-listed resource requests. At the user interface level, these three discrete actions or policies are referred to as blocking, monitoring, and ignoring, respectively.

A sample deployment strategy is shown in Figure 1. For implementation purposes, it should be noted that NetSpective should be assigned to the address space of the clients to be monitored.

Figure 1: Typical NetSpective Installation Scenario

With one interface configured as a conventional network activity analyzer, the SideScan filtering technology reviews every raw network packet on the wire. As such, SideScan is highly redundant, and does not pose the risk of interrupting Internet access in the event of a shutdown or failure. The efficiency of the SideScan packet analysis process relies on highly accurate methods for detecting the target TCP protocols without the need for tracking individual TCP sessions. The Category Management process returns codes to the network analyzer indicating whether a specific request is either approved (monitored or ignored) or disapproved (blocked), based on the policies configured via the Web interface. If a request is disapproved, a TCP-terminate message is sent to both the client and the server, and the client is subsequently redirected to a dynamically generated "block" page hosted on NetSpective.