Wauth Logging Reporting User Authorization Best Solution For 5651 Integrated Reporting Module

► Flexible solutions that allow you create various authorization scenarios for various guest definitions

► Web-based administration with Turkish and English interface support

► Integration with Active Directory, LDAP, Hotel Management Software and other application databases

► Ability to log fully compatible to 5651 by listening the traffic

► Legal Time Stamp

► Ability to obtain evidences in accusations quickly and in accordance with the law

► Ability to hear multiple points simultaneously

► Detailed web usage reports

► Easy to understand, user friendly graphical interface

► User-based report support, daily, weekly, monthly or for required time

► Report support in various formats such as PDF or XLS

► Auto-reporting via E-mail

LBRLOG offers the infrastructure that allows you to realize your legal duties with high level technology and security knowledge. The product with the motto of “logging has never been only logging” deals with logging as a significant element of security. It authorizes mobile or guest users which can cause serious security gaps or carry cyber crime factors with integrated and wieldy authorization (HotSpot) solution WAUTH.

Besides LBRLOG, user SMS Authorization (SMS storage and Mobile Payment) and manual user registry options, it also offers you the chance to use your current databases such as Active Directory, LDAP, Hotel programs etc. with a single click. In addition to all these, LBRLOG can provide detailed reports about what happened on your network with its strong reporting infrastructure, and it gives you the possibility to surveil network traffic closely with instant monitoring screen.

Network Security Softwares and Hardwares

Wauth Authorization

User Authorization

WAUTH, as distinct from hotspot solutions in the market, provides an extensive solution which can be integrated to any internet network by dealing with the issue as a significant element of security.

WAUTH, is able to offer flexible solutions for all guest types and guest authorization scenarios of all institutions.

The guest may be a customer of a restaurant / hotel, a student in a dormitory, thousands of fair / conference visitors or a patient’s relatives coming for a visit in the hospital. The expectations of these guests from the network, their time of stay in the network or the way they would connect the network according to your topology may completely differ.

Management and Monitoring WAUTH, web-based manageable which has Turkish and English interface support, is easy enough to be managed by any employee regardless of their level of skill.

It provides online screens that allow you monitor all users via its interface. Thanks to its web-based management, you can connect from everywhere, manage your previous authorization infrastructure and establish rules.

In order to prevent guest users from causing overload on your network, limitations of required band width and time are possible. Detailed reports of guest users can also be acquired via its web reporting interface

5651 Logging and TURKTRUST Legal Time Stamp

All the logs that are demanded according to the law 5651, of users you authorized with WAUTH, can be saved with legal time stamp on LBRLOG and be reported when required.

WAUTH FEATURES • Authorizing by matching user information with MAC information • Ability to use all authorization methods simultaneously • Common Key protection for SMS Authorization • Time-based authorization • Utilization of mobile payment without applications or procedures • Authorization bypass option for users that connect constantly • Ability to authorize users at endpoints that connect to the center with IPSec VPN or MPLS VPN • Ability to designate users with unlimited authority • Authorization method activation / deactivation option

- Designating time quota

- Effective band width management

- Designating timeout periods

- Customizable “Welcome” Page

- Web-based management

- Turkish and English interface support

- Logging authorized users according to 5651

- TURKTRUST Legal Time Stamp

- Ability to designate user-based policy

- User search engine support

- Log-out option for users

- Ability to cut connections of intended users instantly with connection management

- Ability to do authorization for multiple networks

- Ability to easily change options such as authorization time, quota and password

Active Directory

Registry Desk

Authorize SMS -Mobile payment -SMS storage

Hotel Management Softwares

Current Databases

Structures which categorize demandingly by perceiving that guests are not one single user, and which are able to manage in the same significance level nested within each other can reach a fully secure structure.

Logging Reporting

Best Solution for 5651 Integrated Reporting Module

LBRLOG allows you to log accordingly with the law without affecting your investment on the network and topology. The system which saves all the logs that law 5651 demands by listening to your network, guarantees that logs are saved just as they are, unchangeable, entirely and secretly with TURKTRUST Legal Time Stamp which comes built-in.

Devices with minimum 500 GB log space saves on itself not only network DHCP logs but also all Web (HTTP/FTP) and E-mail (Incoming-Outgoing SMTP, IMAP/POP3 Access Logs) traffic y logging.

LOGGING FEATURES

• Plug and Go Convenience

It commences logging the directed traffic before any configurations are made. A copy of the traffic to be listened is transferred to the device via switch (port mirroring or span port), external “tap sound locator” or a standard hub.

• Bridge Mode

Listening and logging procedures can be made without doing any changes on the network or without the users noticing it by interfering with the line which hosts the traffic to be listened.

• Ability to Simultaneously Listen Multiple Traffics, with Multiple Methods

All listening ports can be used simultaneously.

It can listen more than one directed traffics while doing inquiry on bridge mode for multiple traffics.

• Vlan Tagged Listening

According to IEEE 802.1Q (VLAN Tagging) standard, in listening which hosts multiple VLAN traffics on a single line, it offers standard compatible listening and logging. Thanks to this, it makes possible the method of installation without touching the line on advanced lines.

• Remote Logging / Log Hosting

Back-up logs can be held to multiple remote servers, logs to syslog servers can be written. Logs can be done by connecting to External Storage Area Networks (SAN). They can be stamped with time stamp together with the logs it produced itself, hosting on itself logs of all external applications compatible to the standards.

• Instant Log Monitoring

You can have more clear and detailed monitoring by filtering the going traffic during monitoring on IP and URL basis.

• Management Profiles

It is possible to manage on different authorization and accessibility levels by defining different management profiles on management interface.

• With its various report support, Labris® Integrated Reporting Module, gives detailed reports on what happened on your network.

• With its user-friendly, easy to understand pictographic interface, it is always near at your hand as a useful analysis tool that not only system and network managers but also executive managers can understand.

• Thanks to its Rapid and Smart Matrix Analysis infrastructure, it can generate reports not according to one criterion, but synthesizing many of them. It brings generated reports before you in a speed a regular website opens.

• It grants you the ability to intervene to the right spot instantly in abnormal situations with its instant monitoring feature. It draws up internet use characteristics of users on your network and leads you to establish more effective policies.

System Utilization

• Load Average

• Band Width Utilization

WEB Utilization • Web General View • Last Half Hour • Current Sites • Current Addresses &Summaries • Sites (According to Their

Connections) • Sites

(According to time of use) • Users (According to Their

Connections) • Users

(According to Time of Use)

File Downloads

(Per Item)

• File Types • Search Engines • Search Patterns

User Tracking

• User Web Access Summary

• User Favorite Sites • User Site Access

Scatter According to Time

• Number of Access • Time of Use

Detailed Listing

• Sites • Users • Web Flow • Sites Per User • Addresses Per User

(URL) • Users Per Site • Users and Addresses

per Site(URL) • IP-MAC Listing

Popular Statements

We don’t want to change the products we use and our topology to fulfill the requirements about logging.

LBRLOG, with its plug and go ability which requires no installation, can log directed traffic without doing any configurations. Which means you can direct the traffic onto the device either by interfering with utilization of bridge mode or with an external “tap sound locator” or standard hub via switch ) port mirroring or span port ), and this would be it. There is no need to do a topology change or configurations that take long time.

I don’t want the logging product to intervene with my network, servers and end user computers and establish an agent.

LBRLOG listens the traffic online and operates without agent. It puts away the need to intervene with you PCs and servers.

It is enough in scope of the laws and operational requirements for me to give DHCP (IP distribution) logs I distribute to TİB program.

TİB is not a time stamp supplier authorized by Law 5070 only marks that it guarantees “inalterability, integrity and secrecy” principle of data on internet of institutions that are authorized as “Electronic Certificate Service Supplier”. It cannot be proven that a log that is not approved by these institutions authorized by T.C is not changed.

Every day I take who accessed where from my devices and put it on my computer. It would be enough to Show them when authorized units come.

Moving the logs from one place to another would create the doubt that they could have been altered, thus it could allow the accused person to deny the evidences. Logs should be kept where they are as much as possible and accordingly to principle of “inalterability, integrity, privacy”.

It is enough to provide security and Access control. Logging is overrated.

Logging and security are two inseparable elements ever since the very fist network systems were founded. It is essential for every security system to log both system operation and user requests because of management and evidencing needs. The fact that there is no certain standard and occurrence of many kinds of network security devices brought the overlooking to such needs.

With 5651 and similar international laws, it is made obligatory to record traffic mark on every end devices and ISP level structures

I can’t find a reliable way in which I can get guest user’s identity clearly and that won’t cost me like SMS fee.

With WAUTH authorization module which comes integrated to LBRLOG, there also is mobile payment integration. With this method it is possible to get the SMS fee from the cell phone which demands authorization. It won’t cost you additionally. When your guest users are included in the network with cell phone number and password, their logs required by Law 5651 are kept and saved safely with time stamp on them.

I have active directory, ldap and other applications which host corporation users and guests. Re-entering the same record twice by defining the users also in logging system is not manageable and meaningful.

LBRLOG is a practical and flexible 5651 logging and authorization solution designed for customer needs. By using databases of Active Directory, LDAP or other applications you can authorize your users. If you choose, you can use all authorization systems simultaneously. For instance, your Active Directory users can be authorized with registered user name and password for internet Access while your guest users are being authorized with SMS.

DEVİCE

Bandwidth 8 Mbps 14 Mbps 30 Mbps 60 Mbps 150 Mbps

Traffic Log Rate 600 Log/s 1200 Log/s 2000 Log/s 4000 Log/s 6000 Log/s

Log Capacity 500 GB 500 GB 1 TB 2 TB 12 TB

Redundant Logging - - Op (RAID 1) Op (RAID 1) Op (RAID 0, 1, 5)

Remote Logging Syslog/SAN(ISCSI) Syslog/SAN(ISCSI) Syslog/SAN(ISCSI) Syslog/SAN(ISCSI) Syslog/SAN(ISCSI)

Sniffer Ports 3 Pcs 100/1000 5 Pcs 100/1000 5 Pcs 100/1000 4 Pcs 100/1000 7 Pcs 100/1000

Management Ports 1 Pcs 100/1000 1 Pcs 100/1000 1 Pcs 100/1000 1 Pcs 100/1000 1 Pcs 100/1000

LCD Panel/VGA - 20x2 LCD 4 key 20x2 LCD 4 key 20x2 LCD 4 key 20x2 LCD 4 key

OPTIONS IPS IPS IPS

2 TB Log Space Additional 100/1000 Port and Fiber Port

IPS 2 TB Log Space Additional 100/1000 Port and Fiber Port

IPS Additional 100/1000 Port and Fiber Port

Network Security Softwares and Hardwares

Silikon Bina 1 Nk 24 Teknokent,

ODTU Ankara / TURKIYE