Integrity FAQ
GENERAL
Does Integrity protect content privacy? Deep packet inspection (DPI) is not magic. We analyze the application behavior of P2P file sharing protocols across connections, but we are not reconstructing the data being transferred, or performing any kind of audio fingerprinting. While DPI systems are capable of seeing this data, we have chosen not to do so in order to preserve privacy and avoid the dead-end of trying to analyze encrypted connections. Administrators have complete access to the DPI rules in use, and are free to create their own rules and manage the existing ones in any way desired.
How is Integrity's identity-aware traffic management different from typical firewalls, traffic shapers or intrusion prevention systems? Integrity uses real-time identity awareness to control P2P file sharing based on who a person is, not based on their IP address. This means that no matter how the user accesses the network, policy is intelligently applied to them, drastically improving security and consistency.If you're used to traditional traffic shaping, Integrity will open your eyes to the next generation of intelligent traffic management.
IMPLEMENTATION
Do I have to install any software on student machines to block P2P? No
How can Red Lambda keep my deployment costs low, even though I want to monitor traffic on multiple LANS? Any endpoint running Integrity can be used to monitor traffic. Licensing and support fees are based solely on the number of people being protected, allowing customers to deploy as many monitoring points as desired at no extra cost.
What hardware do I have to buy and will I have to upgrade my equipment? Integrity uses spare computational power on existing machines via its cGRID™ peer-grid architecture and requires no additional upgrades or purchases. Administrators are free to install the software on dedicated hardware or on as many machines as needed. Integrity's cGRID™ architecture is extremely scalable.
My help desk is already maxed out. How do I know Integrity won't represent another time burden for my team? Let's face it: Constantly receiving DMCA complaints is a real hassle. Integrity was built by university engineers trying to control file sharing within their own networks using a comprehensive, human approach. Not only will Integrity proactively caution your students and block P2P abuse, it will also automatically process DMCA complaints. By automating the work of many people, Integrity is able to cut your costs, reduce headaches and guarantee that you are not wasting time on false DMCA complaints.
How long does Integrity take to install? A typical installation implementing the Congressional HR-4137 'Ideal Solution' takes less than 1 hour to install.
Our network uses equipment from lots of different vendors, can you help? Yes, Integrity was built specifically to work independently from your network hardware while leveraging its particular strengths. The collaborative nature of our architecture means that Integrity can talk to just about any piece of equipment you have. We even do our best to interface with any homegrown solutions you may have in place, and encourage integration with Integrity through complete data structure transparency and rigorous adoption of open standards. This eliminates the guesswork for in-house development teams, giving them quick and easy access to the network knowledge assembled by Integrity for their own custom applications.
PERFORMANCE & TECHNOLOGY
Can you give me back my bandwidth without affecting network performance? Yes. Integrity is an out-of-band solution that monitors traffic at aggregation points, or within LANs, via mirror or span ports. Various techniques can be applied that use your own network such as VLAN steering, ARP steering, proxy redirection, ACL/firewall rule modification and many others. By not relying on protocol tricks such as TCP resets, Integrity eliminates the risk of disrupting normal network behavior. And unlike appliances, Integrity automatically scales with your network's load.
With the trend toward encryption, I want an application level solution that works despite the use of encryption. Can Red Lambda help? Integrity detects activity based on the behavior of the protocol This method combines deep packet inspection (DPI) with behavioral analysis and is not impacted by the use of encryption. Integrity's engine is also completely open, and you are free to create any additional rules as desired.
You say that you respect privacy by not looking at the network users' content, but you are using deep packet inspection. Can you explain that? Deep packet inspection (DPI) is not magic. We analyze the layer 2,3,4 & 7 behavior of protocols across connections, but we are not reconstructing the data being transferred. While DPI systems are capable of seeing this data, we have chosen not to do so in order to preserve privacy and avoid the dead-end of trying to analyze encrypted connections. Administrators have complete access to the DPI rules in use, and are free to create their own rules and manage the existing ones in any way desired.
Can Integrity stop users from downloading or sharing pornography? Integrity can stop pornography when it is sent or downloaded via UseNet, IM, P2P, FTP, etc.. However, it does not identify content as pornography, only as a file sent by the previously mentioned protocols.
Which protocols do you monitor? P2P, IM, IRC, FTP, and others. For a complete and current list, please contact us. You can choose to monitor as many or as few as you wish with complete monitoring granularity. Integrity supports different monitoring standards for different groups and locations.
I can't use deep packet inspection of any kind for privacy reasons, is there any way you can help solve the files-sharing problem in that situation? If deep packet inspection is the only limitation, Integrity offers other options, depending on the concern at the heart of this restriction. Visibility is required for analysis, however, and if no monitoring of any information is permitted, analysis is not possible.
When you say that Integrity can track users, is that real time? Do you keep all historical information? We track user behavior and location in near real-time. The collaborative grid's storage capacity allows you to keep comprehensive historical information for the entire life of the system.
How do you know if content is copyrighted? The Integrity product does not attempt to determine whether a file contains copyrighted material. Red Lambda's position is clear: because of the trend toward encryption, technology that inspects content has a limited life. Instead, Red Lambda's efforts have focused intensely on protocol behavior. A combination of packet, flow, and behavioral analysis methods are used to virtually eliminate false positives.
We don't have a user registration system, does Integrity work in that scenario? An Excel table of user IDs to MAC addresses is sufficient. (note that this is also automatically collected if 802.1x or other network sign-on technologies are used). In the absence of this registration system information, a policy is limited to associating a specific piece of hardware to behavior Integrity can be configured to notify the user via email, IM, web steering and other methods. The messaging function can also be used do deliver educational content, thus leveraging policy violations as teachable moments. Content may also be tailored for different user groups, locations, time of day, or any other criteria in the Integrity policy engine. Integrity can also be configured to preemptively open and close help desk tickets, judicial tickets and other items for more effective involvement of support staff.
SECURITY PROCESS AUTOMATION
I would like a wide variety of enforcement options - ones that my organization can choose and tailor. Is this an option? Integrity is completely configurable and can be used to automate help desk workflow, remediation activities, judicial processes and an array of Layer 2,3 & 7 methods. Integrity can make policy decisions based on any data in LDAP etc. These combine with Integrity's policy shadowing system to apply policy consistently to any wired, wireless, NAT or VPN user.
When I use other tools to shape bandwidth for P2P, my helpdesk starts getting calls. How does Integrity handle this? Integrity can be configured to notify the user via email, IM, web steering and other methods. The messaging function can also be used do deliver educational content, thus leveraging policy violations as teachable moments. Content may also be tailored for different user groups, locations, time of day, or any other criteria in the Integrity policy engine. Integrity can also be configured to preemptively open and close help desk tickets, judicial tickets and other items for more effective involvement of support staff.
How does my organization accommodate users that need to use P2P? With Integrity, policy can be based on user groups, identity, and just about any other field in your directory services. For instance, Employee #245 could have an exemption for BitTorrent during certain hours, as could members of a particular department. This is just one example of Integrity's policy flexibility and how Integrity can be used to provide choices to organizations that may have a need to use certain protocols while at the same time containing the use of protocols for the general user population.