FAQ

General questions

  • Where can I get help with regard to the SecureTower system?

    You can request assistance from the sales department by phone +375 (17) 311-10-14 or the manager, you communicate with, as well as the support service of Falcongaze by phone +375 (17) 311-10-14. Besides, you can send any general questions to e-mail contact@falcongaze.com. You can contact the technical support service by e-mail support@falcongaze.com, and with the sales department – by e-mail sales@falcongaze.com.

  • Is SecureTower a software or hardware product?

    SecureTower is an exclusively software product which can be installed on a dedicated server or a virtual machine under the control of Windows OS. It should be mentioned that a possibility of data capturing by a few methods is implemented in the program, and if a centralized method is used, it is necessary to provide a network commutator with an option of traffic mirroring to a separate port. It is not necessary, if the data are captured by means of agents, from a logging box or proxy server with ICAP support.

  • What is SecureTower?

    SecureTower is a software product, developed by Falcongaze, providing prevention of corporate data leakage and comprising a wide range of means for analysis of the staff performance efficiency. SecureTower contributes to implementation of a comprehensive approach to confidential information protection and is a powerful instrument of management of reputational, operational and even legal risks. It provides optimization of the company’s business processes and its economic and information security.

Questions about purchase

  • What is necessary for installation of the SecureTower trial version?

    To install the SecureTower trial version, you need a computer, server or virtual machine, meeting the following system requirements:

    Processor: 2.2+ GHz and higher (4 cores and higher)

    Network adapter: 1 Gb (2 adapters with centralized capturing)

    RAM: 6 GB or higher

    Hard disc: On the basis of 1.5 GB of captured data per 1 user per month. E.g., 1.5 GB * 25 users * 1 month = 37.5 GB. It is the space on the disc, required for storage of the data, captured within 1 month from 25 users.

  • What is the trial version of the SecureTower system?

    It is a fully functional demo version of SecureTower which is provided for all interested companies for the periods and number of workstations under control, established on an individual basis.

  • How is the product key is provided after purchase?

    The key is a USB device with a braided license which determines the amount of the controlled protocols and users. The client can obtain the key by several methods: in person or by post with guaranteed delivery.

  • Which principle is used for the software licensing?

    Licensing both for individual modules and for a particular amount of the controlled users is used for SecureTower. The minimum license includes a possibility of data capture from up to 25 users for all communication channels and protocols. When purchasing SecureTower, you can freely vary the number of the controlled protocols and users in the license.

Questions about capabilities

  • Is it possible to lock up messages, sent by e-mail, by means of SecureTower?

    Yes, the possibility of lock-up of messages, sent by users by e-mail, is implemented in SecureTower, including those, transferred by means of the secured protocols.

  • Is it possible to install SecureTower in the network, without notifying the system administrator?

    To install SecureTower, you require the administrator’s rights on the local server, as well as remote computers, where the agents will be installed. If you have such rights, you do not have to inform the system administrator. This enables control of activities of all employees, including the system administrators, regarding compliance with the corporate policy, by the information security department specialists.

  • Can SecureTower lock up file transfer to external media?

    Yes, SecureTower provides lock-up of file transfer to external media. Besides, you can assign users, that cannot copy data on the external media, determine “prohibited” file extensions or device types.

  • Can SecureTower operate, if the company’s offices are located in different cities / regions / countries?

    Yes, SecureTower supports operation in companies with the geographically-distributed office structures. The software provides control of different communication channels, as well as monitoring of the staff activities, using a remote access to several resources or combining all analyzed data into a single centralized storage.

  • How does SecureTower identify that the confidential document is transferred?

    The technologies, used in SecureTower for the data analysis, minimize false responses of the system to the incidents, related to violation of the security policy, established in the company. The software can check the documents, sent through a network, regarding their attributes and content, using the preliminary determined key words, taking into account the morphology. SecureTower can also carry out an analysis on the basis of regular phrases for sending of the data of a particular type, e.g., passport or credit card numbers. Besides, the software uses the digital fingerprint technology which functions are as follows: the system creates digital images of the confidential documents, saves them in the database, and then compares them with every document, transferred in the corporate network. In case of any matches, SecureTower sends notifications on the confidential documents transfer. The system also cap make digital fingerprints of entire databases. Moreover, sending of the confidential document of database by e-mail can be locked up.

  • Does SecureTower capture encrypted data?

    Yes, the system captures and analyzes the information, transferred by means of secure protocols, using SSL/TLS encryption (HTTPS, FTPS, e-mail and messenger encrypted protocols). If any encrypted object is sent in the network (e.g., a password-protected archive), the system will capture it and send a notification on detection of such data. The software has an instrument, called a keylogger, which registers all button pressing on the users’ keyboards, which can be helpful in detecting of content of the encrypted documents.

  • Is it possible to establish security rules for prohibition of access to some websites for users?

    Using such option as lock-up of HTTP/HTTPS requests, in SecureTower, you can prohibit users’ access of users to the websites, transition to which contradicts the corporate security policy.

  • Is it possible to capture mail on postbox servers?

    Yes, the system allows capturing of the mail, sent through MS Exchange, as well as all other postbox servers (Lotus, Sendmail, etc.). It also supports capture of e-mail messages, sent and received by means of Microsoft Office 365 cloud service, which is especially important for SMB sector companies, that do not require use of physical servers.

  • It is necessary to install the SecureTower agents on the workstations?

    If you need to capture and analyze only a usual non-encrypted traffic, the agents are not required. However, to capture the encrypted and Skype traffic, as well as for use of a wide range of the system options (screenshots and tracking of application activities on the users’ computers, control of the data, copied to external media and exchange buffer, as well as sent for printing, automatic matching of the particular information, etc.), it is necessary to install the agents on the workstations.

  • Is it possible to conceal the fact of the agent presence on the user’s computer?

    Yes. It is possible to conceal the agent process and service, as well as the agent files and folders on conflict with some antiviral programs, therefore, change of their settings can be required.

  • How are the SecureTower agents installed on the workstations?

    There are 3 ways of the SecureTower installation on the workstations of the employees: by means of the administrator’s console, group policies (GPO) or System Center Configuration Manager (SCCM) and with the use of an installer, started manually on the selected workstations. The agent installation is completely unnoticed by users. You can find the agent installation on the server with the SecureTower in folder C:\Program Files\Falcongaze SecureTower\EPA Control Server\Agent\. ReadMe.txt, and detailed installation instructions can also be find there.

  • What will happen, if the company employee removes the agent from the computer?

    If the user removes the agent program from the computer, the SecureTower will automatically reinstall it on the workstation. Besides, the information on this incident can be tracked in a special window of agent status on the administrator’s console.

    There are a few options of the agent protection from deletion:

    1. the agent hiding. In this mode, the agent hides the service, catalogues and its process in the task manager. The user is not able to detect and, consequently, delete it;

    2. the agent protection from the process termination. In this mode, the agent is detectable in the task manager. If the user tries to terminate the process, a message, that it is an important system process and it is not recommended to terminate it, will be displayed. If the user still tries to perform the process termination, the computer will reboot.

  • Which USB devices can be controlled by means of SecureTower?

    SecureTower provides control of a wide range of USB devices, from flash memory cards to mobile phones. Besides, access to the use of the external media can be both allowed and prohibited, creating the so-called white and black lists. E.g., if necessary, the use of only corporate USB devices can be allowed. Different parameters can be specified as a criterion: the device serial number, identifier of the manufacturer, product or device, device name or type. All settings can be applied both for individual users and entire departments. Moreover, there is a possibility of saving (shadow copy creation) of all data which the user records on the USB media.

  • Is it possible to make reports on individual users?

    Yes, apart from the instruments for collection of the general quantitative parameters, as well as detection of users, more actively using different communication channels, the SecureTower system provides creation of individual reports for every network user. This type of reports allows obtaining of statistical data of the employees’ activities on the computers within the specified period, regarding a great number of criteria. Thus, the report contains the information on the employee’s working day duration, quantitative information on the websites, visited by the user, messages, sent through messengers and other statistical data.

Technical questions

  • How quickly SecureTower processes the information in databases?

    SecureTower is optimized for work with large and dynamically updating information volumes. When the database is updated, only new data are indexed, without any excessive time and resource spending for indexing of all information. It is essential for big companies, keeping significant client or abonent databases. The default interval of data processing in the database is 30 minutes, which can be set on an individual basis.

  • In what form is the captured information stored?

    The information is stored in a formatted form in the database, access for which is limited by the administrator. Check with log-in and password is used on default. If necessary, you can also assign IP addresses, allowed to access the database.

  • Is the database with the previously captured information available after the license expiration?

    Yes, it is. After the license expiration, the data capture and analysis will be no longer carried out, but the previously captured information will still be available on the client console.

  • What disc space is required for database storage?

    Estimating the disc space, use the formula of 1.5 GB data per 1 user per 1 month. E.g., 1.5 GB * 100 users * 6 months = 900 GB. It is the free space on the disc, required for storage of information, obtained from 100 users and captured within 6 months. The total volumes of the disc space, necessary for the database storage, depend on specific features of every individual company.

  • Does SecureTower support the Linux/Mac OS?

    The SecureTower components can be installed only on the Microsoft Windows family operating systems. It is related to not only the server components, but also the agents, intended for the data control and analysis. In the future, it is quite possible that separate components of SecureTower for Unix/Linux and macOS will appear. Besides, the information capturing from the devices with the operating systems other than Windows (iOS, Android, Unix/Linux, macOS, etc.), is possible by a centralized method, when all traffic from these devices is mirrored into an individual commutator span port, from where it is transferred to the server with SecureTower. In this case, only the non-encrypted traffic can be controlled.

  • Do the SecureTower agents affect the production capacity of the workstations, they are installed on?

    The SecureTower agents have no significant effect on production capacity and speed of performance of the employees’ computers, not disturbing fulfillment of the staff duties. The agent program size is just 15-20 Mbyte.

  • Does SecureTower affect the network bandwidth and work output?

    SecureTower has practically no influence on the network and does not disturb performance of other network applications. All captured data are transferred to the server in small amounts and with the particular frequency, which enables a uniform distribution of the network load. A possibility of limitation of the speed of the data transfer, that can be used by the agents for transfer of the captured data to the server, is provided for the channels with a low transmission capacity.

  • Which databases does SecureTower support?

    SecureTower supports commercial databases such as MS SQL Server and Oracle, which are often used by large companies, as well as free ones such as PostgreSQL, MySQLite, which are mainly used by small and medium-sized businesses. At the same time there is native support of SQLite in SecureTower, which allows to quickly start working with the product without installing other databases.

  • Is it possible to set an automatic database clearing?

    Yes, when performing settings of the captured information indexing, the time intervals for the database clearing can be set in SecureTower. The default time of the information storage is within 30 days – i.e., the data, obtained 30 days before, will be deleted.

  • What is the principle of operation of the database digital fingerprint technology?

    The unique software toolset provides tracking particular data from the existing databases in the information flows: e.g., you can set the system in such a manner that it responses to the transfer of a combination of name, job position and e-mail address. Besides, in this case, the threat notification system will response only to the specified combination and ignore the name only, which allows minimizing of false responses. The digital fingerprint technology in SecureTower is adapted to the special character of different companies and provides settings in accordance with the particular needs of any company.

  • Is the SecureTower system compatible with Active Directory? (AD)

    Yes. SecureTower completely synchronizes with Active Directory and ensures use of such options as:

    • automatic creation of user's cards, when the SecureTower server obtains information from the agent with the captured data on this user;
    • a possibility to install the agents and create setting profiles for them, with an account of particular departments, from Active Directory;
    • a possibility to specify the domains to work with and to ignore in SecureTower;
    • automatical updating of cards in SecureTower, if there were any changes in AD.

  • Is it obligatory to integrate SecureTower with Active Directory?

    No, this integration is not obligatory. Availability of Active Directory just provides some additional options and helps automatize some processes, such as creation of user’s cards. If AD is present, it occurs automatically, while it must be made manually in the networks with working groups.

  • Can SecureTower lock up ports?

    By means of SecureTower, you can lock up ports, used by the HTTP, HTTPS and SMTP protocols (25, 80, 443, 8080). If it is necessary to lock up a wider range of ports, use the means of the imbedded Windows firewall or solutions, offered by third party manufacturers.

  • Is it possible to transform voice messages into text and carry out corresponding search?

    No, this option is not provided. All captured voice messages and calls of the users are stored in mp3 format, therefore, you can listen to them on the SecureTower client console or by means of third-party music players (Windows Media player, AIMP!, etc.).

  • Can SecureTower control the data, transferred by means of SIP telephony?

    Yes, a possibility to control text and voice messages, transferred by means of the SIP protocol in the program IP telephony, is implemented in SecureTower.

  • Which format is used for saving of captured calls by Skype and SIP?

    All captured calls by Skype and SIP are saved in mp3 format, besides, the system allows setting of the audio quality compression.

  • Is it possible to install the agent on a terminal server?

    Yes, besides, SecureTower can identify all server users.