NarusInsight Supercomputer Network Monitoring Software

In 2005 the FBI replaced Carnivore with commercially available network monitoring software such as NarusInsight, produced by Narus, a subsidiary of Boeing, headquartered in Sunnyvale, California.

"Features of NarusInsight include:

"♦ Scalability to support surveillance of large, complex IP networks (such as the Internet)

"♦ High-speed Packet processing performance, which enables it to sift through the vast quantities of information that travel over the Internet.

"♦ Normalization, Correlation, Aggregation and Analysis provide a model of user, element, protocol, application and network behaviors, in real-time. That is it can track individual users, monitor which applications they are using (e.g. web browsers, instant messaging applications, email) and what they are doing with those applications (e.g. which web sites they have visited, what they have written in their emails/IM conversations), and see how users' activities are connected to each other (e.g. compiling lists of people who visit a certain type of web site or use certain words or phrases in their emails).

"♦ High reliability from data collection to data processing and analysis.

"♦ NarusInsight's functionality can be configured to feed a particular activity or IP service such as security, lawful intercept or even Skype detection and blocking.

"♦ Compliance with CALEA and ETSI.

"♦ Certified by Telecommunication Engineering Center (TEC) in India for lawful intercept and monitoring systems for ISPs.

"The intercepted data flows into NarusInsight Intercept Suite. This data is stored and analyzed for surveillance and forensic analysis purposes.

"Other capabilities include playback of streaming media (i.e. VoIP), rendering of web pages, examination of e-mail and the ability to analyze the payload/attachments of e-mail or file transfer protocols. Narus partner products, such as Pen-Link, offer the ability to quickly analyze information collected by the Directed Analysis or Lawful Intercept modules.

"A single NarusInsight machine can monitor traffic equal to the maximum capacity (10 Gbit/s) of around 39,000 DSL lines or 195,000 telephone modems. But, in practical terms, since individual internet connections are not continually filled to capacity, the 10 Gbit/s capacity of one NarusInsight installation enables it to monitor the combined traffic of several million broadband users.

"According to a company press release, the latest version of NarusInsight Intercept Suite (NIS) is "the industry's only network traffic intelligence system that supports real-time precision targeting, capturing and reconstruction of webmail traffic... including Google Gmail, MSN Hotmail, Yahoo! Mail, and Gawab Mail (English and Arabic versions)."

"It can also perform semantic analysis of the same traffic as it is happening, in other words analyze the content, meaning, structure and significance of traffic in real time. The exact use of this data is not fully documented, as the public is not authorized to see what types of activities and ideas are being monitored" (Wikipedia article on Narus [company], accessed 01-14-2012).