Bedienungsanleitung Kerio Tech Network Monitor

Inhaltszusammenfassung zur Seite Nr. 1

User’s Guide
Kerio Technologies

Inhaltszusammenfassung zur Seite Nr. 2

C 2001–2003 Kerio Technologies. All rights reserved. Printing date: April 10, 2003 Current product version: Kerio Network Monitor 2.1.0. All additional modifications and up-dates reserved.

Inhaltszusammenfassung zur Seite Nr. 3

Contents 1 Introduction ............................................................... 5 2 Quick Checklist ............................................................ 7 3 Technical Information ...................................................... 9 3.1 Kerio Network Monitor Components ................................... 9 3.2 How does Kerio Network Monitor work? ................................ 9 3.3 Technical Limitations ............................................... 12 4 Installation .....

Inhaltszusammenfassung zur Seite Nr. 4

8 Web Interface ............................................................ 59 8.1 Connection to the Web Interface ..................................... 59 8.2 Page Main .......................................................... 60 8.3 Page Chart .......................................................... 60 8.4 Page Report ......................................................... 60 8.5 Page Connections .................................................... 61 8.6 Page Logs ......................

Inhaltszusammenfassung zur Seite Nr. 5

Chapter 1 Introduction KerioNetworkMonitor isasmall,thoughpowerfultoolforonlinemonitoringofnetwork traffic. It offers a whole set of choices which activities and events can be monitored. Line load chart The online display of the Internet connection load (incoming and out- goingtraffic)inthetimerangefrom1minuteand1year. Theaveragetransferspeeds areshownfor3seconds(1minutegraph)uptofor3daysintervals(for1yeargraph). Boththetotaltrafficandthetrafficforparticularusers(workstationsinthenetwork) can be displaye

Inhaltszusammenfassung zur Seite Nr. 6

Chapter 1 Introduction transferred using encrypted connections). The sender address, the recipient address and the size of sent message are stored. ICQ log Use the ICQ Log dialog to view information on communication through ICQ and ICQ2Go protocols. ICQ numbers and nicknames of senders and recipients as well as message body are logged. Remote access KerioNetworkMonitor hasseparatedmonitoringservice(Daemon)and the user interface. These two components communicate together via the TCP/IP pro- tocol

Inhaltszusammenfassung zur Seite Nr. 7

Chapter 2 Quick Checklist Thischaptergivesyouabasicstep-by-stepguidetoquicklysetuptheimportantparam- eters of Kerio Network Monitor program so that it can be used immediately. If you are unsure about any of its steps, look up the chapter dealing with the appropriate prob- lems. 1. Choose suitable computer in your network and install both components of Kerio Network Monitor on it (see chapters 4 and 3.3). 2. Logintotheviewer(seechapter5.1)andchoosetheadapters,onwhichthepackets are to be monitored

Inhaltszusammenfassung zur Seite Nr. 8

Chapter 2 Quick Checklist 8

Inhaltszusammenfassung zur Seite Nr. 9

Chapter 3 Technical Information 3.1 Kerio Network Monitor Components Kerio Network Monitor consists of two separate components: Watching service (Daemon) Theexecutivecoreoftheprogramthatcapturesthepack- ets and saves the data into a file on the disk. It runs as a service (in Windows NT/2000/XP) or as a background application (in Windows 9x/Me). Viewer It is intended for viewing and analyzing gathered data and configuration of the service. The communication between the viewer and the Daemon is kept

Inhaltszusammenfassung zur Seite Nr. 10

Chapter 3 Technical Information including headers, etc.). The information gathered by Kerio Network Monitor can therefore differ from those acquired by the other tools (the deviation should not excess40%—ifthereisseveraltimeshigherdifference,itisnecessarytolookforthe mistake in the network or in the program configuration). Viewing current connections All captured IP packets are scanned for TCP segments openingandclosingconnection(withattributesSYN andFIN).SoKerioNetworkMon- itor hasinformationabout

Inhaltszusammenfassung zur Seite Nr. 11

3.2 How does Kerio Network Monitor work? data (the high resolution data — one file per day, the low resolution data — one file per 28 days). Then there are created the following subfolders: • browse — the information about the captured objects of the monitored services (URLs of web pages, E-mail addresses, FTP relations, etc.) • captured — captured objects (e.g. captured WWW pages, E-mail messages, etc.) • logs — files with the logs (see chapter 7.7) • debug — the data stored for detail monitoring

Inhaltszusammenfassung zur Seite Nr. 12

Chapter 3 Technical Information Warning: Subfolder license must remain in the same folder as the program files (i.e. where was Kerio Network Monitor originally installed)! After changing the folder and possible copying the measured data you can again run Network Monitor Daemon. 3.3 Technical Limitations The principle how Kerio Network Monitor works implies some small limitations. They are to be kept in mind especially when choosing the computer for installation of Kerio Network Monitor Network Co

Inhaltszusammenfassung zur Seite Nr. 13

3.3 Technical Limitations The most common case is the situation when the mail server runs on the computer that is also the internet gateway. Kerio Network Monitor then “sees” only the local communi- cation of the clients with the mail server. In the default configuration of Kerio Network Monitor are created rules, which consider this communication to be the Internet com- munication (so that the volume of the data is measured. It is necessary to keep in mind that the volume of the date is measured

Inhaltszusammenfassung zur Seite Nr. 14

Chapter 3 Technical Information 14

Inhaltszusammenfassung zur Seite Nr. 15

Chapter 4 Installation Kerio Network Monitor can be installed on any computer in your local network running Windows 95 OSR2, 98, Me, NT 4.0, 2000 or XP operating system. Older versions are not supported. Installation is performed by running the installation archive e.g.: kerio-netmon-2.10-en-win.exe Duringtheinstallation,theusercanchoose,whichcomponentsofKerioNetworkMonitor are to be installed: NetMon Daemon Monitoring service (Daemon). It must be installed on the computer, where you want to mon

Inhaltszusammenfassung zur Seite Nr. 16

Chapter 4 Installation NetMon Application Viewer. It can be installed on any number of computers, where you will connect to the service from. Note: We recommend to install the viewer also on the computer, where will be the monitoring service (Daemon) installed (to allow local connection in case of any prob- lems with the network; in the case of Windows 9x/Me it is the only way how to stop and start the service — see chapter 5.2). The Daemon is started automatically (there is no need to restart t

Inhaltszusammenfassung zur Seite Nr. 17

4.2 Importing the License Key Pressing the button Import license displays a dialog for opening the file with the license (license.key). When it is loaded successfully, the information about current license will appear in the section License information: ID Identifier of the license (serves e.g. for verification of the license authenticity) Holder Holder of the license — individual or organization, which bought the product. Number of users The number of users (i.e. IP addresses of the computers in t

Inhaltszusammenfassung zur Seite Nr. 18

Chapter 4 Installation 18

Inhaltszusammenfassung zur Seite Nr. 19

Chapter 5 Program Control 5.1 Logging in the Viewer The viewer can be started by choosing Programs → Kerio → Network Monitor in the menu Start. The login dialog is shown after the program is started . In the section Login to choose, where the Kerio Network Monitor Daemon service is run- ning: local NetMon service Daemon The service is running on the same computer as the viewer. remote service on T he service is running on another (remote) computer. Insert IP address or DNS name of the host on wh

Inhaltszusammenfassung zur Seite Nr. 20

Chapter 5 Program Control User authentication — enter your user name and password. In case you are logging to Kerio Network Monitor for the first time (after installation), use the predefined user account Admin and leave the password empty. To store passwords in user profiles so that it is not necessary to specify them for each connection use the Store password in user profile option. You can perform the login by pressing the button Login. The button Cancel cancels the logindialogand alsoclosesthevi