FAQs >

Vericept FAQ

Vericept • Vericept Monitor

Will Vericept slow down my network?

Vericept monitors your network traffic passively like a sniffer. You need only configure a switch to mirror the traffic to the Vericept interface. Vericept then analyzes and categorizes the communications.

Can Vericept block unauthorized communications?

Vericept can block and enforce policies on SMTP traffic. On version 8.2, you can now use an ICAP compatible proxy to send traffic to Vericept for scanning. Vericept can then send back ICAP modifications to block traffic. Talk to our experts about how this can be implemented for your environment.

Will Vericept alert me to certain events of my choosing?

Vericept will send out alerts on events of your choosing if you have a syslog or SNMP server.

How much hard drive space is required?

That depends how the amount of traffic, the amount categories you are collecting for, and how sensitive you have those settings. Typically, customers use about 300GB HD and they have plenty of room to keep a few months of data. Most customers end up archiving the data to a file server so ~300GB of space on your Vericept servers is ample.

Can Vericept tell me the user name of the account generating the traffic or just the IP address?

Assuming each user has a unique username and password used to authenticate to the network, we can use Vericept’s Active Name Resolution (ANR) to identify the users by their unique login. Vericept, as a TCP-based solution, relies upon IP addresses for correlating the user name with the specific violation event. We have customers using this in Active Directory and in Novell eDirectory environments.