InfoWatch Traffic Monitor filters outgoing mail (SMTP) and web traffic (HTTP) and IM activity (e.g., ICQ), detecting and preventing attempts to transfer confidential data .

Interception of SMTP, HTTP and ICQ traffic is executed via the transparent proxy technology. It makes use of an absolutely transparent proxy server that directs traffic to the content filtration server.

Intercepted data undergo a multilevel filtration based on content analysis (using the unique linguistic engine Morph-o-logic¿) and an analysis of formal attributes (sender, recipient, etc.). depending on the analysis results and system settings, the data can be handled in different ways (blocked, permitted or placed in quarantine).

Information about withheld and suspicious objects is sent to the workstation of the information security officer. the system supports the demarcation of roles with different access rights to different types of filtered data.

The information security officer's console provides comprehensive data about mail, web and IM traffic, including the text of intercepted messages and the reason they were withheld, warnings about detected incidents, as well as enabling customizable reports about user activities to be created.

All outgoing mail (SMTP), web (HTTP) and IM (ICQ) traffic that passes through the transparent proxy, as well as the data recorded by users on removable external media, is saved on the InfoWatch traffic Monitor database, where it is kept in its original form. the messages are then indexed and partitioned, i.e., converted to a format appropriate for further analysis.

InfoWatch traffic Monitor is thereby capable of creating a corporate archive of information that is sent outside the company, systematizing and monitoring the message history and conducting retrospective analyses of confidential data leakage incidents.