Case #4: Fine-grained network access logging

Problem: How to keep track of users network activity?

Solution: EdenWall requests a separate authentication for each connection, and includes the user ID in firewall logs. This makes it very easy to track user activities, even if users share computers, change their IP addresses, or move geographically.

Classical firewalls provide only protocol-bound logging features: IP address, MAC address ... None of this information can be used to safely find a user at the source of a connection. Users can use different computers, modify their IP address, or even share their workstation with other users. It also happens that some users use several computers at a given time.

Practically, IP addresses cannot be used to identify users in a strict way, which means that classical firewall logs are difficult to exploit, especially when some time has passed.

Not only firewall access rights, but also network activity logs, are performed by EdenWall according to the identity of each user at the source of connections.

Conclusion: With EdenWall, network accesses are logged per user, no matter which computer they use. The IP address at the source of each connection is also logged, for purely informative purposes.

Presentation

Case #4: Fine-grained network access logging