Network Profiler
udurrani
Network Profiler records who contacted the server, on what port the communication was initiated, and whether the server initiated a connection to any other internal or external machine. Every transaction is recorded with a timestamp. Even an attempt by a machine to contact or scan a random port (closed or open) is recorded.
If an attacker opens a port at any time, a separate thread alerts management.
The profiler watches all incoming and outgoing traffic. The following shows internal-to-external traffic.
Here is the internal-to-internal traffic view.
For example, machine A is infected with a virus. The virus scans other machines on the same subnet. The scan can be identified from the recorded connections.
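One way such a scan could be identified from timestamped connection records, as an added example (not Network Profiler's own code). The record layout, addresses, time window and threshold are assumptions, and the sample records are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

# Constructed sample records: (timestamp, source, destination, port).
# Machine A (10.0.0.5) touches six neighbours on port 445 within six seconds.
RECORDS = [(f"2024-01-01T10:00:{i:02d}", "10.0.0.5", f"10.0.0.{10 + i}", 445)
           for i in range(6)]
RECORDS += [
    ("2024-01-01T10:00:03", "10.0.0.7", "10.0.0.20", 443),   # ordinary client
    ("2024-01-01T10:02:10", "10.0.0.7", "10.0.0.20", 443),
    ("2024-01-01T10:05:00", "10.0.0.7", "10.0.0.21", 22),
    ("2024-01-01T10:00:04", "10.0.0.5", "203.0.113.9", 443), # external, ignored
]

def find_internal_scanners(records, subnet,
                           window=timedelta(seconds=60), min_targets=5):
    """Flag internal sources that reach many distinct internal (host, port)
    targets inside one sliding time window.

    Returns {source_ip: peak number of distinct targets seen in any window}.
    Counting (host, port) pairs catches both a sweep of one port across the
    subnet and a sweep of many ports on one host.
    """
    net = ip_network(subnet)
    by_src = defaultdict(list)
    for ts, src, dst, port in records:
        # Only internal-to-internal traffic is relevant to this check.
        if ip_address(src) in net and ip_address(dst) in net:
            by_src[src].append((datetime.fromisoformat(ts), dst, port))

    flagged = {}
    for src, events in by_src.items():
        events.sort()                      # order by timestamp
        start = 0
        for end in range(len(events)):
            # Shrink the window until it spans at most `window` of time.
            while events[end][0] - events[start][0] > window:
                start += 1
            targets = {(dst, port) for _, dst, port in events[start:end + 1]}
            if len(targets) >= min_targets:
                flagged[src] = max(flagged.get(src, 0), len(targets))
    return flagged

if __name__ == "__main__":
    for src, count in find_internal_scanners(RECORDS, "10.0.0.0/24").items():
        print(f"possible scan from {src}: {count} distinct targets in 60s")
```

The threshold and window need tuning per network, since legitimate hosts such as monitoring servers or vulnerability scanners also contact many internal machines and would normally be allow-listed.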
Outbound traffic details and packet counters
Timestamps / Port