Data sources and objects captureEtherSensor EtherCAP service:
[*]Traffic processing efficiency is now higher. Incoming HTTP traffic can now be intercepted due to lower resource consumption of EtherSensor and the execution environment.
Captured objects analysis:
[*]Processing of all available HTTP GET requests from Ethernet and ICAP is guaranteed. Explanation: earlier, the analysis was only available for messages sent from the workstations via the web interface, but now we can also analyze all incoming messages.
[*]The server can now monitor logins, passwords and downloaded files for GET requests.
[+]HTTP prefiltering was added to discard obvious junk. This helps to reduce the load on the analysis system. It can also be used for debugging.
Logging:
[+]You can now select encodings for EtherSensor messages sent to log files or syslog servers; thus, another obstacle to using common log analyzers is removed.
Configuration console:
[*]The configurator was completely rewritten: this is now a standard Windows application (mconsole.exe file from the distribution kit) instead of an MMC console used previously.
[+]EtherSensor statistics is now accumulated for integration with external monitoring systems.
News 