Tag Archives: monitoring software

March Madness

Wavecrest Computing has heard about it every year for 15 years–companies complaining that their bandwidth is slow and their overall productivity is down, all during March and early April! What is going on? Madness, they say…March Madness!

The bandwidth strain can be a big problem. According to a recent survey, 66 percent of workers say they’ll follow the games during work hours, with 20 percent expecting to spend one to two hours following games, 14 percent spending three to four hours, and 16 percent saying they will spend five hours or more watching games instead of working.*

How do you control this type of bandwidth usage? While you may or may not allow your employees to follow the games at work, you will want to ensure that it doesn’t interfere with your network. Wavecrest Computing offers Internet filtering by category or site, white list filtering, real-time Web monitoring, and detailed Web-use reports on a particular category or site and bandwidth usage. Some of the many Wavecrest CyBlock features that monitor bandwidth or access to sports sites are:

  • Real-Time Bandwidth Monitor
  • Top Sites Bandwidth Chart
  • Top Groups Bandwidth Chart

For more information on CyBlock and a free trial download, see CyBlock Core Features.

* March Madness – Challenger, Gray and Christmas, Inc. 3/13/2013

Monitoring Internet Usage … From the IT Department

During July, August, and September of 2011, Commtouch assessed categories of Web sites most likely to be home to malware, below are the top ranking offenders.  The Portals category includes those sites offering free hosting which are often abused to publish malware and phishing content or will redirect to sites with this content.

What were the most-visited categories by your employees during 2011?

Are you currently monitoring and/or blocking the existing Spyware/Malicious, Phishing/Fraud, Public Proxy, and Hacking categories to help protect your network?

Source: Commtouch

In today’s wired workplace, internet security and bandwidth consumption are top concerns for IT professionals while employee productivity and legal liability ail management and HR professionals.  As a major contributor to the Web-use management effort, IT typically becomes deeply involved in planning, testing, selecting, installing, and administering Internet monitoring software.  With the different departments playing a role in deciding on the best product to fit their vast needs, most are left without a solution.  Fortunately, Wavecrest’s products have been reviewed by our customers as meeting each role’s needs most effectively, offering manager-ready, easy-to-interpret reports that can be accessed without the IT personnel in addition to providing a robust, truly scalable IT-friendly remedy.

With Wavecrest Computing, customers have the insight needed to proactively monitor / block the notorious malicious sites based on custom categories, the Wavecrest Control List, and a real-time deep packet analysis process.  Plus, our 19 comprehensive templates provide a variety of summarized and detailed Web-use activity reports on users, groups, categories, sites, acceptability ratings, and bandwidth consumption.  Conveniently import your current Web Use Policy to easily customize or classify categories, implement abuse thresholding, and monitor employee productivity while our Administrator and Operator Accounts allow for non-IT personnel to create and obtain their role-specific reports.

While serving a diverse mixture of commercial businesses, industrial firms, government agencies, military units, educational institutions, and non-profit organizations since 1996, our products continue to present the most up-to-date, proactive coverage in line with the one factor that underlies all Web-use management issues, human online activity. Wavecrest’s managers and developers understand human resource management well and we use that knowledge to develop features that prevent productivity losses, legal liability problems, network issues, and unnecessary costs.

New Minor Releases: CyBlock 5.9.0 and Cyfin 7.9.0

New versions of Wavecrest Computing’s CyBlock and Cyfin monitoring and filtering software were recently released.  They include the following new features and enhancements.

  • Enhancement – Array configuration. This release contains a useful new feature which will allow you to combine all of your proxy data into an Enterprise report.  It also lets you apply settings and policies from one ‘primary’ installation to multiple ‘secondary’ installations.  For Cyfin Reporter, this feature works a little differently.  Instead, it allows you to use multiple servers’ CPU’s to process logfile data, while leaving one ‘primary’ Cyfin Reporter machine free to run reports.
  • New Report – Site Audit Detail. This report lists all users that visited a particular Web site and shows the total visits.
  • Enhancement – Proxy Chain ability. CyBlock Proxy and Cyfin Proxy now have the ability to use a ‘downstream’ proxy in a ‘chain’ configuration.
  • Enhancement – Job Queue. New keyboard shortcuts allow you to pause and restart the job queue.  Also, all jobs are now numbered in the queue.
  • Enhancement – Logging optional. (CyBlock Proxy only) Logging of proxy data can be disabled without affecting the filtering policies in place.
  • Enhancement – New logfile formats supported. (Cyfin Reporter only) Cyfin Reporter extends support for Sidewinder Firewall G2, IronPort Appliance, Symantec Web Security and MIMEsweeper logfiles.

For full release notes on the products, please visit the forum at https://forum.wavecrest.net/index.php. Current customers can download the latest release from their product by going to the Administration – Product Update screen.

Controlling Spyware with Cyfin and CyBlock

Introduction
Spyware – software that tracks Web surfers’ activity without their knowledge and sends the information back to a third party – is a growing concern for IT administrators. Spyware can compromise security, consume bandwidth and slow networks to a crawl. The good news is you can help protect your network from spyware with Cyfin and CyBlock software.

Spyware Problems
Spyware can get into your computer(s) very easily, and it can be extremely hard to detect. Most employees never realize their computers are infected, and those that do have no idea how it happened.

Because spyware enters a user’s system with “legitimate” traffic through an open Internet port, firewalls are not an adequate defense. Spyware remains undetected by firewalls designed to block suspicious inbound traffic rather than monitor the heavy outbound activity spyware generates. (Inbound spyware doesn’t look suspicious.)

Wavecrest Solutions
Your Cyfin web monitoring software or CyBlock web filtering software can help identify spyware and reduce your risk of downloading it in the future.

1) Use reporting tools to spot spyware activity with Cyfin or CyBlock.

A. Look for unusual patterns of Web activity. Run a Site Analysis report at least once a week and be alert to changes in the volume and pattern of outbound Web activity. For example, if a single user is suddenly logging thousands of visits a day, chances are it’s a spyware issue. That’s because “human” activity is usually more random than spyware activity. Here’s another clue. If you notice that every morning at 3 a.m. a user appears to be accessing the same Web site repeatedly, most likely the activity is being automatically triggered by a spyware program.

B. Watch the IP Address category. High activity in this reporting category should raise a red flag for administrators. Most spyware programs send information back to an IP address, while actual user activity is almost always driven by a domain name. Wavecrest software will categorize all IP Address activity automatically. High traffic volume here warrants further investigation.

C. Identify the source of the problem. Dig deeper by running a Category Audit Detail report to uncover both the spyware site and the affected user. If your Category Audit Detail report shows an unusual number of hits to a specific Web site, that site is most likely the source.

2) Use CyBlock’s filtering tools to control surfing.

A. Create a strict “allow” list. One way to prevent spyware is to strictly control employee Internet access. With CyBlock, you can limit online access to only the Web sites you know to be trustworthy and automatically block access to any Web site not on your “allow” list.

B. Block access to social networks high-risk sites. Another less restrictive way to minimize exposure to spyware is to block user access to high-risk site categories. These include spyware/malicious, hacking, phishing/fraud, music downloads, download sites, social networks, games, chat and pornography.

3) Update your Web-use management tools.

A. Update your Acceptable Use Policy. Employees need to understand the risks of Web surfing. Minimize risks of Internet abuse by implementing a policy to curtail at-work surfing and communicate it clearly to employees.

B. Update your Wavecrest list. The Wavecrest control list is updated daily, adding Web sites known to host spyware. We recommend downloading your Wavecrest control list daily to minimize the number of visits categorized as “Other” and ensure the best coverage possible. You can set Cyfin and CyBlock to do this automatically on the Administration – URL List – Schedule screen.

(Note: If you spot a Web site you suspect may be spyware, email it to us at sites@wavecrest.net. Our OtherWise research team will review the site and categorize it appropriately.)

C. Update your operating system. Download updates to your operating system on a regular basis. Spyware multiplies on your network by exploiting weaknesses in OS software. Frequent updates will help plug these holes and minimize the damage if you become infected.

4) Work with your employees.

Counsel employees about the dangers of spyware. Brief your employees on the dangers and detrimental effects of malicious software, and tell them about the actions you’re taking as well as the actions they should take and the sites they should avoid.