User guide

iGuard/inSight User Guide

Release 7.0.0.4

Find traffic to and from foreign nationals

Loss of intellectual property to emerging markets has cost U.S. companies billions of dollars. This use case

helps you identify who your employees are communicating with outside of the country.

Find postings to social networking sites

Employees who are deeply engaged in their relationships on these sites may not realize how much

productivity is lost, or how much sensitive information is leaked when they use Web 2.0 sites in the workplace.

This use case will help you to identify those users.

Find Confidential Documents

You can do a simple keyword search to find out if any of your confidential documents are available

on the network or were emailed outside of the company.

1. Go to Search > Basic.

2. Type in the words and/or phrases found in the documents.

You can extend a common keyword search by using logical operators.

Because the default operator is the Boolean AND, this query finds documents marked both

"Confidential" and "Proprietary", but not "privileged", which uses the NOT operator.

3. Click Search.

Find Covert Email

iGuard can find email that bypasses corporate mail servers because it is port- and protocol-

agnostic (it classifies and indexes all traffic, regardless of port or protocol).

Because traffic types are associated with specific numbered ports,using a port number in a search

is an efficient way of pinpointing a specific type of traffic. Port 25, which is usually used by the

SMTP protocol, is the logical place to look for email transmissions, but users can get around this

expectation by using of an alternate port.

The solution to this problem is to set up iGuard to find SMTP transmissions on any non-standard

port by eliminating port 25 from the query.

1. Go to Capture > Advanced Search > Content.

2. Select the Content Type element.