Visual Data Monitoring & Reassembly
Your company depends on you to keep its systems running smoothly and securely at all
times. Unfortunately, the origins of most security or performance issues
— whether due to a malicious act, user non-compliance or simple bandwidth
misallocation — generally lie beneath the surface of your network.
Developed by eEye Digital Security, a leading developer of advanced network security
products, Iris is a highly sophisticated yet simple-to-operate network
traffic analyzer. Iris allows you to easily examine the inner workings
of your network, making the detective work of pinpointing a security breach
or resolving a performance problem quick and effortless.
Rather than looking at raw data in packets and trying to understand what it represents,
Iris takes network traffic and returns it to its original format with the
simple click of a button. With Iris, you’ll be able to read the actual
text of an email — as well as any attachments — exactly as it was sent.
Iris will reconstruct the actual HTML pages that your users have visited
and even simulate cookies for entry into password-protected websites.
With Iris, automated filters can be set up in any number of combinations to flag and record
specific network traffic that contains a particular MAC or IP address,
unacceptable words or websites and more to quickly determine whether or
not company security is being compromised or corporate policies abused.
Iris also provides a larger variety of statistical measurements than any
other traffic analyzer available, allowing you to proactively identify
— and take steps to eliminate — performance issues before they can result
in major downtime for your users.
Iris’ highly advanced sniffing engine is continually fine-tuned to deliver more optimized
data capture and decoding for networks of all sizes and all levels of complexity.
With Iris, nothing crosses your network without you knowing about it.
Unrivaled Ease of Use
Despite its highly sophisticated functioning, Iris was designed to be the easiest-to-operate
network traffic analyzer on the market. Iris functions in much the same
way as a VCR, recording communications data traveling across your network
and playing it back at a later time (or in real time). Rather than looking
at raw data in packets and trying to understand what it represents, Iris
gives you the ability to reconstruct network traffic — such as emails,
instant messages, web pages and more — back into its original format with
the simple click of a button. In addition, the simple-to-navigate, graphical
user interface provides easy point-and-click control over all functions
of Iris.
Comprehensive Traffic Statistics and Reports
Iris provides a larger variety of statistical measurements than any other traffic analyzer
available. These metrics can be viewed in an assortment of graphical views,
such as pie charts and bar graphs, and provide information on protocol
distribution, top hosts, packet-size distribution and bandwidth usage.
Iris also allows you to generate comprehensive traffic reports that can
be viewed in a browser window, printed out or copied into another program.
Advanced Data Reconstruction
Iris’ powerful data reconstruction capabilities take raw data in packets and turn it into
complete HTTP, SMTP and POP3 sessions in their original format. With Iris,
you will have the ability to view both outgoing and incoming email messages,
web browsing sessions, instant messenger exchanges, non-encrypted web-based
email and FTP transfers.
Sophisticated Packet Manipulation and Forging Capabilities
Iris’ Packet Editor gives you the ability to create custom or spoof packets and to send
them across the Internet, to specific ports or addresses, or repeatedly
across the network. By analyzing the ensuing traffic patterns, you can
troubleshoot and stress-test your network, test the integrity of your firewalls
and more.
Extensive Filtering Options
Iris can be easily configured to only capture specific data through any combination
of packet filters. Packet filters can be based on the hardware or protocol
layer, any number of key words, MAC or IP address, source and destination
port, custom data and size of the packets. When setting up filters, you
can have Iris either capture only those packets matching the filter condition
or exclude those packets when capturing data. When filtering for keywords,
Iris can be configured to capture only the traffic matching the applied
filter, or to capture all network traffic and flag the sessions containing
the filtered keywords.
Valuable Post-Capture Data Analysis (Data Mining) Capabilities
Iris’ Data Miner feature allows you to analyze saved capture files created by Iris
or any other network traffic analyzer. Data Miner can process any amount
of data, from a single traffic file to large amounts of captured data at
one time. All of Iris’ key features — including decoding, searching for
keywords, generating traffic statistics, creating traffic reports and more
— are available for you to make a comprehensive analysis of the saved traffic.
With Iris’ Keyword Search feature, you can also have previously captured
sessions containing specific words or strings marked for easy identification.
Highly-Developed Protocol Decoding
Iris quickly organizes captured packets by session and categorizes them by protocol
such as HTTP or SNMP. In this way, Iris provides a list of all web-browsing
sessions, all email grouped by incoming and outgoing, and more for quick
and easy analysis.
Powerful Sniffing Engine
Iris’ highly advanced sniffing engine is continually fine-tuned to deliver more optimized
data capture and decoding for networks of all sizes and all levels of complexity.
Iris can scale up to handle as much traffic as your network generates and
still write logs and decode traffic in real time. In addition, Iris has
a fast packet injector that handles up to 9000 packets per second.
Highly-Developed Scheduling Function
Rather than capturing data from your entire enterprise at all times, you can configure
Iris to automatically run and capture packets only in certain time frames
with its advanced yet easy-to-use Scheduler function. With Scheduler, you
can set Iris to automatically capture data day or night during any number
of time frames per week.
Useful Alerting Capabilities
Iris’ Guard module monitors all connections to your computer, and can be configured
to alert you when a specific connection is detected. Guard keeps a log
of the date and time of the connection attempt, the IP address, the port
involved and more.
Provides Forensic Evidence of Security Breaches
Iris will capture every movement an attacker has made through your network and create a complete
audit trail of his or her activity. In addition, any internal users who
may have inadvertently or knowingly contributed to the security breach
can be identified. Because Iris makes the job of decoding and analyzing
that critical information fast and easy, you save valuable time in catching
the perpetrators.
Assists in Troubleshooting Performance Issues
By monitoring network traffic statistics, Iris allows you to quickly pinpoint the sources
of performance problems. Armed with this knowledge, you can take immediate
action to resolve issues and more quickly get your users back in business.
More importantly, Iris allows you to continuously monitor network performance,
and to proactively identify — and take steps to eliminate — issues before
they can result in major downtime for your users.
Facilitates Policy Enforcement
With Iris, automated filters can be set up in any number of combinations to flag and
record specific network traffic that contains a particular MAC or IP address,
unacceptable words or websites and more. Because you can actually see the
web pages and email attachments viewed by suspicious employees, you can
quickly determine whether or not company security is being compromised
or corporate policies abused. In addition, Iris delivers a complete audit
trail of network activity, delivering the evidence you need to take appropriate
action against those committing malicious or non-compliant acts.
Assists in Program Debugging
Iris is an outstanding tool for helping programmers debug new applications while they
are still in the development stage. By allowing an application to run and
monitoring its behavior on the network, Iris can help you spot troublesome
behavior before the application is rolled out.
Helps You Make Educated Decisions About Your Network
Because Iris gives you an inside view of your network, you will be able to make more
informed decisions about the current and future needs of your users. For
instance, by analyzing how systems are being used, you can better maximize
bandwidth across the network, reallocate resources and more effectively
plan for future growth.
A Recognized Educational Tool
Iris provides extra information to aid users in understanding exactly what they are seeing
when analyzing traffic, such as categorizing sessions by protocol and displaying
incoming and outgoing traffic in different colors. Because Iris is so easy
to use, it has become the tool of choice for many educational institutions
when teaching about networking. With Iris, even a non-technical employee
can understand your analysis of the captured network traffic.
System Requirements
Windows 95/98/Me/NT/2000/XP
Internet Explorer 4.01 with comctl32.dll v5.0+
-or-
Internet Explorer 5.0+
Minimum System - Pentium 166, 32MB RAM, 1GB HDD
Recommended System - Pentium 400, 128MB, 10 GB HDD