
Sample Web Monitor Content Considerations

February 18, 2011

Web Monitor

  • HTTP_Servers This rule logs URLs and hosts in the URL Log. This rule, like LogUnmatched, does not match connections. It is used for data collection only, not for blocking or allowing. When adding this rule, some options in the Rule Properties window are unavailable. It is recommended that you place this rule near the top of the list so it captures information for all HTTP data.

Proxy

  • Socks4 / 5 Protocol that provides access to network services through a SOCKS proxy server. This may be used to hide a user’s identity and evade network management systems like PacketSure.
  • HTTP-Proxy Matches HTTP requests that appear to be going to an HTTP proxy. Does not match CGI proxies, which can be managed using the Remote Proxies category in the URL List.
  • HTTP_URLList_Remote_Proxies Manages all proxies in the Remote Proxies category of the URL List with a single rule.

HTTP

Protocols that use the HTTP protocol to transfer files.

  • HTTP Hyper Text Transfer Protocol (HTTP) is the underlying protocol of the World Wide Web.
  • HTTP-ACTIVEX ActiveX controls are objects inserted into a web page or other applications to reuse packaged programming functionality; because these controls execute on a user’s computer, they may be a security and / or virus risk. This setting manages user attempts to transfer ActiveX controls through the HTTP protocol.
  • HTTP-AVI Microsoft video format file transfers over HTTP.
  • HTTP-EXE Manages user attempts to transfer executable files through the HTTP protocol. Because these files execute on a user’s computer, they may be a security and/or virus risk.
  • HTTP-Audio-MPEG Manages user attempts to transfer MPEG audio files through the HTTP protocol.
  • HTTP-Video_MPEG Manages user attempts to transfer MPEG video through the HTTP protocol.
  • HTTP-QuickTime Manages user attempts to transfer QuickTime files through the HTTP protocol.
  • HTTP-RAR RAR-format archive files transferred over HTTP.
  • HTTPS A secure connection for the HTTP protocol; it uses port 443.
  • HTTP-Shockwave-Flash Shockwave allows users to view interactive Web content like games, business presentations, entertainment and advertisements from a Web browser. This setting manages user attempts to transfer Shockwave through the HTTP protocol.
  • HTTP-Video_Flash Manages Flash video streamed over HTTP.
  • HTTP-Zip Manages user attempts to transfer Zip files through the HTTP protocol. Because these files execute on a user’s computer, they may be a security and/or virus risk.
  • HTTP-HEAD Matches the HTTP HEAD request. Used for HTTP content analysis.
  • HTTP-POST Matches the HTTP POST request, as in web-based email. Used for HTTP content analysis.

Misc

  • AOL-TCP Manages use of the AOL information service over the internet.
  • BOINC SETI@home’s new distributed computation protocol.
  • Compuserve-TCP Manages use of the Compuserve information service over the internet.
  • Finger Finger User Information Protocol is a UNIX command used to gather information about other internet users. Finger uses port 79.
  • Gopher A system that pre-dates the World Wide Web for organizing and displaying files on Internet servers. Gopher uses port 70.
  • IDENT UNIX-based protocol that looks up real user names when a user attempts to log in to a server.
  • iTunes A pay-per-song music download service. CAUTION: the signature matches after the user pays for the song.
  • NNTP Network News Transfer Protocol (NNTP) is a news service that transmits information through port 119.
  • WakeOnLan A UDP packet that can start a machine on the network that has been shut down.

Special purpose

  • Custom Enter your own Custom Match String for a protocol that you’ve identified and wish to manage. This is recommended only for advanced users.
  • DiagVPN Matches connection to Palisade’s Diagnostics VPN server.
  • DNS Query Manages activity on the domain name server (DNS).
  • EthernetAddresses Matches packets that have a source or destination Ethernet address that is in a user-created list.
  • EthernetNotAddresses Matches packets that do not have a source or destination Ethernet address that is in a user-created list.
  • Everything Blocks, monitors, or ignores any connection by any of the protocols managed by PacketSure.
  • HTTP_Hosts Matches host names in HTTP requests with host names in a list that you create. If a hostname in the list begins with a period (.), it is considered a domain name and all hosts in that domain will match.
  • HTTP_URLs Matches URLs in HTTP requests with URLs in a list that you create.
  • HTTP_URLList Contains millions of web sites in 40 categories, such as Pornography, Hate, Weapons, etc. The list is automatically updated on the appliance once each day.
  • LogUnmatched Logs all connections that do not match defined protocols.
  • SSL Determines how much encrypted traffic is running (aside from HTTPS and POP3S).

File Types Analyzed

  • PacketSure analyzes many different types of files for private content. Metadata, text, and character sets are extracted for all types, except those marked with an asterisk (*). For these file types, only metadata (title, subject, author, etc.) is extracted.

www.bestitdocuments.com