The NitroICE™ Intelligent Content Extraction Engine
Expanding Visibility into Application and Protocol Use
The NitroICE engine decodes layer-7 information, and provides analysis of the application and protocol information as seen on the network. This allows for application contents to be monitored and examined in-line, for purposes of fraud detection and data leakage prevention.
NitroICE allows detection rules to be triggered on user, application, client & host names; IP addresses and port numbers; email addresses, subject line; website url’s; filenames, types & size; protocols, date-time, printer jobs; and even document contents (e.g. PII, PHI, user-defined).
This allows NitroICE to detect:
- Application Violations— Unauthorized use of applications such as IM, P2P, etc.
- Application Anomalies— Unexpected use of authorized applications: large files, unexpected attachments, etc.
- Leakage of sensitive data— via Email, Web Mail, IM/Chat, P2P apps, etc.
- User Violations— deactivated or black-listed users
- Password Violations— weak or default passwords
- Data Access Anomalies— user access to sensitive content outside office hours
- Data Leakage— sensitive data within chat or email, printed, etc.
NitroICE is capable of decoding and analyze over 500 applications, documents and protocols, including:
- File Transfer— FTP, HTTP, SSL (setup certs only)
- Email— SMTP, POP3, NNTP, MAPI
- Web Mail— Hotmail, Hotmail Delta Sync, Yahoo mail, AOL mail, Gmail
- Chat— MSN, AIM/ICQ, Yahoo, Jabber, IRC
- Peer-to-Peer File Sharing— Gnutella
- Shell— Telnet, SSH (detection Only)
- Printer— PJL, IPP, LPD/LPR
Supported Protocols and Applications:
Supported applications and document types
Supported protocols
These icons link to social bookmarking sites to help share this content.
Log in
