Sign in
Follow

Getting Started with the NetWatcher Endpoint (Free Version)

Overview:

The Free version of the NetWatcher Cloud Endpoint offers a user a great way to get started with NetWatcher. 

Once you install the NetAgent you get access to a secure VPN and the Sensor in the Cloud (other items are on the way as well, like File Integrity Monitoring and Log Analysis).

With your secure VPN you can feel comfortable sending information to the internet and having it encrypted.   With the addition of Sensor-in-the-Cloud(TM) we take it a whole new level and offer you deep packet inspection and intrusion detection in the Cloud.

 

Installation:

Once you are approved for the beta you will receive the following email with instructions on how to activate your account: 

Step 1: Activate Your Account

 

 

When you press the Activate link you will be taken to a page to set your password.

Step 2:   Set your password. 

Your user account is the email where the activation email was sent.

 
You will then be taken to the login page.   Make sure you bookmark the page.

Step 3:  

Login to the NetWatcher Customer Portal using your new password and the email address you used to register for the service.

 

Step 4: Phone Verification

We use the phone verification process for security purposes.

Check your cell phone for a text with an activation code and enter it here.  If you need to change your phone number you can also do that here as well.

Step 5:  The Dashboard

Once you verify your phone number you will be taken into a 3 step Tour that explains the NetAgent download process. 

 

 

Now you are ready to download and install the NetAgent. 

Step 6:  Download

Press the 'Download NetAgent' button and install the NetAgent and its corresponding Module(s) (like Sensor-in-the-Cloud).

 

Step 7: Verify

Verify that the agent has installed by checking the SysTray

 

 

***The Next Step may take up to 10 minutes to complete*** 

 

Step 8:  Refresh the page

Verify that the 'Sensor-in-the-Cloud' module and the 'SysTray' modules are dark blue.

 

 

Step 9:  Test the solution

If you want to produce some activity locally you can easily create some events by clicking on the following:

Creates an event for: ET INFO DYNAMIC_DNS HTTP Request to a *.dyndns.* domain

                http://security-research.dyndns.org/pub/botnet-links.html

Creates an event for: ET POLICY Logmein.com /Join.me SSL Remote Control Access

                http://join.me

Creates an event for: ET INFO WinHttp AutoProxy Request wpad.dat Possible BadTunnel

                http://www.cnn.com/wpad.dat

Creates an event for: ET INFO HTTP Request to a *.tc domain

                http://theatln.tc

 

You can then see them by going to the Advanced tab (1).  Choose the Grouped view (2) and Apply Filter.   Eventually you will see the Events (3) below show up.   Remember Events get correlated on the back-end to create Alarms.  None of these events warrant us creating Alarms with a severity of Low/Med/High. However, if you install Join.me and run it, you will see an informational Alarm appear.

 

 

Comments

Powered by Zendesk