Network traffic monitor with DPI technology for offices, schools, libraries and home.
BitTally is a professional and reliable network monitoring application. It's not a low-level packet sniffer, like those used mostly by network administrators, programmers, and other geek types. BitTally is for normal people - like managers, parents, etc - who want to know what is going on on their networks. Like sniffers, BitTally must see all network traffic. So it must be connected to a hub, mirror port of a switch, etc. There are many possible variations (described in detail in the manual). In the simplest configuration BitTally may run on the single user's computer. Stateful Traffic AnalysisBitTally keeps track of all active connections from beginning to end so every packet, byte, and bit can be tallied properly, attributed to a correct protocol, user, etc. Deep Packet Inspection (DPI)It means that application protocols are not recognized by port numbers or other shallow packet-level characteristics. This simply doesn't work with many protocols, neither does simple pattern recognition (e.g. BitTorrent may look like HTTP, and Skype mimics HTTPS to avoid detection). BitTally recognizes application protocols by: · Protocol-specific signatures, · Analysis of other connections (e.g. FTP control connection carries information about future data connections), · Heuristic analysis of behavioral patterns, and finally, if everything else fails, · Port numbers. User-awareTraffic statistics are collected for users and destination networks rather than raw IP addresses. For it to work properly you must tell BitTally how to map IP or MAC addresses to meaningful user IDs, and peer IP addresses to network IDs (this is optional; by default there are just two networks: “Internal” and “Internet”). Client-server architectureBitTally consists of two components: Monitor and Client:· Monitor collects traffic statistics, detects suspicious activites, kills unwanted traffic, generates reports. It has no user interface and runs as Windows service. · Client is a GUI application that controls Monitor. It may be installed on any computer (local or remote) and is used by the administrators to configure Monitor, generate traffic reports, watch real-time traffic information. · In addition to the standard GUI client, any web browser may be used to control the monitor. In this case no setup whatsoever is required on client machines. With BittTally you can easily create your own custom applications to save traffic data in a database of your own, periodically reconfigure Monitor's IP-to-user mapping using data obtained from your DHCP or RADIUS server, and so on. Here are some key features of "BitTally":
· Collects application usage statistics (HTTP, BitTorrent, Skype, etc.)
· Analyses web browsing patterns identifying site categories (Adult, Hate, Gambling, etc.)
· Allows the administrator to set up triggers to detect suspicious activities in real time (e.g. to identify P2P or e-mail abusers).
· Blocks unwanted traffic (criteria: user, protocol, destination, domain category, time of day, day of week, traffic volume).
· It can only track traffic of 5 users and it does not support capture action. What's New in This Release: [ read full changelog ]
· Raised level of trigger toggle log messages.
· Small changes to thread priorities.