FAQ

Traffic Inspector is best described as:

Comprehensive

Traffic Inspector is an all-in-one gateway solution for network security, web access control and detailed traffic analysis and reporting.

Simple

Traffic Inspector is easy to install, configure and administer and does not require extensive knowledge of networking and computers.

Secure

The product’s extensive range of network security features protects against the majority of modern Internet threats.

Flexible

Traffic Inspector gives you the tools to enforce flexible access control policies with highly customizable subsystems.

Effective

By blocking social media sites, entertainment sites, online games, music and video content, Traffic Inspector reduces wasted time and improves employee productivity.

System Requirements

• Supported OS: Windows 7 x86, Windows 7 x64, Windows 8 x86, Windows 8 x64, Windows 8.1 x86, Windows 8.1 x64, Windows 2008 R2 x64, Windows 2012, Windows 2012 R2

• Intel(R) Core(TM)2 Duo 6300 1.86GHz processor

• 2048 MB available RAM

• 4 GB free hard disk space.

• Monitor and video adapter with 1024x768 resolution

• Internet connection

Traffic Inspector is not designed to be used as a personal firewall. Traffic Inspector should be used as a gateway firewall. You can disable most of Traffic Inspector’s other features and specifically use it as a gateway firewall.

There is no Linux version of Traffic Inspector currently in development.

TI Agent is a small program that authenticates users to the Traffic Inspector server, displays current user account balances and TI notifications. It also allows users to customize their Internet experience by setting up individual filtering levels and caching modes. TI Agent offers quick access to a personal web page where users can view their network statistics.

A purchased license entitles you to one year of support and technical updates. Your program installation remains fully functional even after the entitlement expires, but you will have to renew the entitlement if you want to have continued access to new product updates and technical support.

There are two renewal options: standard renewal and late renewal. Standard renewal: a customer has up to 60 days after expiration to renew entitlement for a year by paying 30% of the price of the currently owned license. Late renewal: if more than 60 days have passed since expiration, a customer can renew entitlement for a year by paying 60% of the price of the currently owned license.

Version

A version is identified by a unique version number. Version numbers are assigned in increasing order.

Upgrade

Used exclusively to mean “License upgrade.” Upgrading the license allows you to add more user accounts to the program.

Update

Used exclusively to mean “Software update.” Each subsequent program version typically implements new features and has fixed bugs. Updating the product ensures that you are using the most stable and feature-rich version.

Expiration and renewal

A purchased Traffic Inspector license is permanent and never expires.A purchased license entitles you to one year of support and technical updates. The program installation remains fully functional even after the entitlement expires. You have to renew the entitlement if you want to have continued access to new product updates and technical support.

The license for the Traffic Inspector Anti-Virus powered by Kaspersky plug-in is separate from the Traffic Inspector license and it is time-limited. Anti-virus updates are disabled after the expiration. Malware inspection is not disabled. You have to extend the license if you want to have continued access to anti-virus updates.

The license for the Traffic Inspector Anti-Virus powered by Kaspersky plug-in is separate from the Traffic Inspector license.

The license for the Traffic Inspector Anti-Virus powered by Kaspersky plug-in is time-limited, and anti-virus updates are disabled after expiration. Malware inspection is not disabled. The license must be extended for continued access to anti-virus updates.

The number of users associated with a Traffic Inspector Anti-Virus powered by Kaspersky license determines the number of user accounts for which malware inspection can be enabled.

Immediately after installation, Traffic Program runs in demo mode. Demo mode only supports up to three user accounts and severely restricts program functionality.

A trial version of Traffic Inspector is fully functional but time-limited. After the 30-day trial period expires, the program will revert to demo mode.

The only difference between the trial version and the full version is that trial version is time-limited while full version is not.

There are two license types: a trial license and a purchased license.

With a trial license, you can evaluate a fully functional copy of the software for free for 30 days. This trial period may be extended in certain circumstances.

A purchased license is permanent and never expires. A purchased license comes with one year of support and product updates. Activation of a purchased license will remove any existing trial license.

Traffic Inspector licenses cannot be combined or divided. A separate license is required for each additional server.

You can transfer your Traffic Inspector license to another machine. To do that, remove Traffic Inspector from the original server, then install and activate the program on a new server. Please note that the previous installation will be invalidated and reverting to the previously used hardware configuration is not allowed.

Upgrading your license allows you to add more user accounts to the program. The cost to upgrade the license is the price difference between the current license and the new license.

The procedure is slightly different depending on whether you are moving the program to a different computer or not.

If you move the program to a different computer:

•  Install Traffic Inspector on the new computer

•   Stop Traffic Inspector service

• Copy the Config and Data folders from the old installation to the new installation folder

The Config folder contains program configuration files. Do not copy the Data folder if you are not interested in retaining logs and statistics.

If you update Traffic Inspector on the same computer:

• Uninstall the old version of Traffic Inspector

•  Install the new version of Traffic Inspector

You may still backup the necessary folders, but there is usually no need for that. The Config and Data folders are not deleted during uninstallation and will be picked up by the newly installed version of Traffic Inspector.

Malware inspection is provided by the Traffic Inspector Anti-Virus powered by Kaspersky plug-in. Malware inspection is only available for HTTP and SMTP traffic processed by TI web proxy or SMTP Gateway.

To configure malware inspection, follow these instructions. First, make sure that you activated the Traffic Inspector Anti-Virus powered by Kaspersky plug-in. The plug-in should be activated during program activation.

To access the plug-in settings, navigate to the Plug-ins console tree node and then to the Traffic Inspector Anti-Virus powered by Kaspersky node.

Click the Anti-virus Update icon to run anti-virus update.

Click the Anti-virus Settings icon to configure the plug-in settings. On the Malware Inspection tab, select the traffic types that will be scanned. On the Scan Settings tab, select the number of scanning threads, whether or not you want infected data to be disinfected, compressed executable and archive scanning settings, and heuristic analysis settings. You can schedule automatic updates on the Updates tab. If there is an upstream HTTP proxy, configure proxy authentication settings via the general program settings.

Malware Inspection settings that are specific to Web Proxy and SMTP Gateway can be accessed via the Web Proxy Malware Inspection Settings and SMTP Gateway Malware Inspection Settings icons.

When configuring Web Proxy malware settings, you can enable email notifications and the preferred delivery method. If you select the standard delivery method, content is delivered to a client only after it is fully downloaded and scanned by Traffic Inspector. If trickling is used, Traffic Inspector delivers and scans transferred files simultaneously. If a file is infected, delivery is blocked by holding back the last portion of the file.

When configuring SMTP Gateway malware settings, you can enable email notifications and specify settings for tagging emails containing objects that cannot be scanned.

The final configuration step involves specifying users and groups that will have their traffic inspected by the KAV plug-in. To selectively enable malware inspection, right-click on the desired user or group and choose the Attributes menu item. Change the value of the Traffic Inspector Anti-Virus powered by Kaspersky attribute to "No"/"Yes" or 0/1 as needed.

If malware inspection is enabled for a group that contains, say, 50 users and only 30 antivirus licenses are available, then malware inspection will be only enabled for the first 30 users of that group.

Every time you launch the Administration Console, the program warns you of any unresolved configuration issues. If you have not configured backup, there will be a warning informing you that backup is not configured. Expand the disclosure widget and click on the Configure a backup task icon.

Another way to access backup settings is by navigating to the Maintenance console tree node and then clicking on the Backup link.

On the General tab, select the Enable backup checkbox to enable backup. The backup task may be run manually or scheduled for a specific time. To schedule a backup task, click on the Schedule button and set the appropriate time settings.

On the Backup Settings tab, select the destination for saving backup data. Choose a backup method: select the Back up without resizing files radio button or the Backup data for a specified period radio button. Choose whether you want to backup the proxy cache index file. Select whether you want new files to be created for each backup or whether backup files will be overwritten.

On the Custom Backup tab, specify the retention period for backup data. A custom retention period may be specified for specific database files.

The Connection Failover feature prevents downtime and connection loss by ensuring that Traffic Inspector fails over to one of the backup connections if the primary connection becomes unavailable.

Follow these steps to configure Connection Failover:

Make sure that you use RRAS-based NAT and there are two or more external interfaces available. There must be a default route for each external interface. Default routes must have different metrics.

Launch the Configuration Wizard, navigate to the Connection Failover tab and select the Enable connection failover check box. Navigate to the Connection Failover console tree node (subnode of the External Networks node) and go to the properties window. Configure Connection Failover settings:

• 
  

• specify probing interval (i.e. interval between route availability checks)

• specify IP address of the probe host (if the probe host is reachable, the connection is OK)

• specify response time (if ICMP round-trip time is less than specified response time, the connection is OK)

• enable connection availability logging, if required

• select interfaces for which the connection failover functionality will be enabled

• select one primary interface and backup interfaces

Connection Failover is currently only supported for Ethernet interfaces.

Flood mitigation is a unique feature that allows users to be blocked when they generate excessive network traffic. Such behavior usually indicates that the machine is infected with a virus that replicates itself by using the network, or that a user is unfairly monopolizing the available bandwidth (by running a BitTorrent client, for example). Once the connections threshold is reached, the user is automatically blocked and prevented from further saturating the Internet connection.

Flood mitigation requires that network statistics collection be enabled. Flood mitigation and network statistics collection may be configured for a particular user/group or all users:

• User account --> Properties --> Network Statistics tab (for a particular user)

• Group account --> Properties --> Network Statistics tab (for a particular group)

• User Management console tree node --> Properties --> Network Statistics tab (for all users)

Flood mitigation configuration involves two steps:

1. Set the Collect network statistics checkbox to enable network statistics collection.

Specify sync interval (20 minutes by default). Sync interval determines how often synchronization to a database takes place and also the period of time before the Flood mitigation connection counter is reset.

2. Set the Enable Flood Mitigation checkbox and specify the block threshold limit and block interval.

Sync interval and block threshold values may have to be empirically adjusted to avoid false positives.

Follow these steps to make a user exempt from firewall and traffic rules restrictions:

• Locate the user account and go to its properties window.

• On the Traffic Policy tab, select the Disable network filters and firewall for this user checkbox.

As a result, traffic rules and internal firewall rules will not be applied to the selected user. This option allows administrators to retain remote access to the TI server in case the firewall is not properly configured, but it can also be used to make a user exempt from all traffic restrictions.

There is a good video tutorial tutorial on this topic available on our website.

Traffic Inspector offers various authentication options: IP/MAC/VLAN ID-based authentication and BASIC / NTLM authentication. From the user perspective, the following methods are available:

TI Agent-based authentication

Windows-based computers can authenticate via TI Agent, a small program that authenticates users to Traffic Inspector server and displays current user account balances and TI notifications. TI Agent currently only supports Microsoft Windows and can be downloaded from the integrated Web Portal.

Web Agent

Computers running non-Windows operating systems (Linux, Mac OS, etc.), tablet computers and smartphones can authenticate via Web Agent, a TI Agent that runs directly in your web browser. Authentication is lost if the Web Agent window is closed. Using Web Agent also requires that pop-up blocking be turned off.

Proxy authentication

Users that access the Internet via Traffic Inspector web proxy can use proxy authentication.

Single Sign-On Authentication

The single sign on allows end users to log into a Windows client machine on a domain, then access the Internet via the Traffic Inspector web proxy without signing on again. This functionality is only available when the Traffic Inspector server is joined to an Active Directory domain.

Consult your network administrator for information about alternative authentication methods.

Please check if one of the following issues is preventing successful installation.

• The user lacks sufficient administrator privileges to install new software on the computer

• The user lacks sufficient permissions to access the installation directory.

• Internet connection is not available during installation

• Traffic Inspector prerequisites are not installed (.NET Framework, Microsoft Visual C++ Redistributable Package)

• A pirated version of Window OS is being used

• Third-party antivirus software is interfering with Traffic Inspector’s installation

• The previous version of Traffic Inspector was not properly uninstalled

The activation process involves contacting our activation server, so Internet connectivity is required. If there is an upstream HTTP proxy, configure proxy authentication settings via the general program settings.

If you encounter the "Invalid ID or PIN" error, make sure that you entered your ID and PIN correctly.

If you encounter the "Socket error 11004 - Valid name, no data record of requested type" error, check your DNS server settings.

If you encounter the "Activation limit reached" error, contact our tech support team at support@smart-soft.ru to reset the activation limit.

If you encounter "The activation server responded, but program activation failed" error, check your server’s time and date settings and restart the Traffic Inspector service. Computer clock synchronization may be required. It is recommended that you synchronize your computer clock with an Internet time server (even if the computer is a member of a domain).

If you have anti-virus software is installed on the computer, make sure that the anti-virus is not preventing Traffic Inspector from accessing and modifying files in the installation directory. This can be achieved by excluding the Traffic Inspector installation directory from virus scanning in your anti-virus software settings.

If the Traffic Inspector service was not properly uninstalled, uninstall it by calling:

            sc.exe delete trafinspsrv

If the Traffic Inspector network driver was not properly uninstalled, try removing it manually following these steps:

1.      Open Network Connections

2.      Click one of the local area connections used by Traffic Inspector and go to its properties window.

3.      On the General tab, in This connection uses the following items, click the Traffic Inspector network driver and then click Uninstall.

4.      In the Uninstall dialog box, click Yes.

Uninstalling the Traffic Inspector network driver removes it from all network connections.    

If the above methods do not help, try using a third-party uninstaller.

Please contact our sales team at sales@smart-soft.ru. Describe the problem and provide your purchase information.

By default, Traffic Inspector prevents unauthenticated users from accessing the Internet. Users are forced to authenticate to Traffic Inspector before being granted network access. Please configure Traffic Inspector to provide Internet access for your home or office network.

By default, Traffic Inspector blocks access to external networks (i.e. Internet) when TI service is not running. This option is used to prevent uncontrolled traffic consumption. To change this behavior, follow these steps: Go to the Start Page of the Traffic Inspector snap-in andclick on the Program Settings icon. On the Network Driver tab, deselect the Block external networks when TI service is not running checkbox.

Problems with report generation can be caused by one of the following issues: anti-virus software, improper configuration of Traffic Inspector or traffic rules.

If you have anti-virus software installed on your computer, make sure that the anti-virus is not preventing Traffic Inspector from accessing and modifying files in the installation directory. This can be achieved by excluding the Traffic Inspector installation directory from virus scanning in your anti-virus software settings.

Verify that network statistics collection is enabled for a particular user/group or all users as required:

• User account --> Properties --> Network Statistics tab (for a particular user)

• Group account --> Properties --> Network Statistics tab (for a particular group)

• User Management console tree node --> Properties --> Network Statistics tab (for all users)

Check if there are traffic rules in the Allow Rule for All category. Packets that match these rules are excluded from network statistics.

Please note that by default collected data is written to a database every 20 minutes, so it does not appear in reports immediately.