General

  • What is Traffic Inspector?

    Traffic Inspector is a comprehensive gateway solution for network security and access control that is designed for small and medium-sized businesses.


  • What does Traffic Inspector not do?

    Although Traffic Inspector has an extensive set of features, it is not appropriate for some usage scenarios. Traffic Inspector is not designed to be used as accounting software for large Internet service providers. Traffic Inspector is not a personal firewall.


  • What can I do with Traffic Inspector?

    Traffic Inspector enables you to accomplish the majority of tasks when connecting a home or office network to the Internet. Traffic Inspector has an extensive set of features: a secure firewall to protect against network threats, web access rules for blocking unwanted Internet resources, antivirus for scanning web and email traffic, SMTP gateway for filtering spam, a billing system, bandwidth limiter and traffic prioritization, extensive logging and reporting facilities, multiple ISP support and connection failover, advanced routing features and more.


  • What are Traffic Inspector’s key benefits?

    Traffic Inspector is best described as:


    Comprehensive

    Traffic Inspector is an all-in-one gateway solution for network security, web access control and detailed traffic analysis and reporting.


    Simple

    Traffic Inspector is easy to install, configure and administer and does not require extensive knowledge of networking and computers.


    Secure

    The product’s extensive range of network security features protects against the majority of modern Internet threats.


    Flexible

    Traffic Inspector gives you the tools to enforce flexible access control policies with highly customizable subsystems.


    Effective

    By blocking social media sites, entertainment sites, online games, music and video content, Traffic Inspector reduces wasted time and improves employee productivity.


  • What are the minimum system requirements for Traffic Inspector?

    System Requirements


    • Supported OS: Windows 7 x86, Windows 7 x64, Windows 8 x86, Windows 8 x64, Windows 8.1 x86, Windows 8.1 x64, Windows 2008 R2 x64, Windows 2012, Windows 2012 R2

    • Intel(R) Core(TM)2 Duo 6300 1.86GHz processor

    • 2048 MB available RAM
    • 4 GB free hard disk space.

    • Monitor and video adapter with 1024x768 resolution

    • Internet connection

  • How does Traffic Inspector stack up to other gateway solutions?

    Feature

    GFI WebMonitor

    Kerio Control

    Traffic Inspector

    Operation modes

    Proxy

    Proxy

    NAT

    Gateway mode (NAT/Proxy)

    Single interface mode (Proxy)

    NAT

    Not supported

    (Proxy only)

    Custom NAT implementation

    Windows NAT

    Advanced routing

    Unsupported

    Supported

    Supported

    Connection failover

    Unsupported

    Supported

    (two connections only)

    Supported

    Web filtering

    Supported

    Supported

    Supported

    Firewall

    Unsupported

    Supported

    Supported

    Bandwidth management

    Supported

    Supported

    Supported

    Traffic prioritization

    Unsupported

    Supported

    Supported

    Flood Mitigation

    Unsupported

    Unsupported

    Supported

    Accounting for

    terminal server users

    Unsupported

    Unsupported

    Supported

    Spam filtering

    Unsupported

    Unsupported

    Supported

    Active Directory

    integration

    Supported

    Supported

    Supported

    External

    database integration

    MS SQL

    StaR embedded database

    SQLite

    PostgreSQL

    MySQL

    MS SQL

    Integrated

    gateway antivirus

    Supported

    Supported

    Supported

    Billing system

    Unsupported

    Unsupported

    Supported

    Reports and logs

    Supported

    Supported

    Supported


  • Can I use Traffic Inspector as a firewall?

    Traffic Inspector is not designed to be used as a personal firewall. Traffic Inspector should be used as a gateway firewall. You can disable most of Traffic Inspector’s other features and specifically use it as a gateway firewall.


  • Is there a Linux version of Traffic Inspector?

    There is no Linux version of Traffic Inspector currently in development.


  • What is Traffic Inspector Agent?

    TI Agent is a small program that authenticates users to the Traffic Inspector server, displays current user account balances and TI notifications. It also allows users to customize their Internet experience by setting up individual filtering levels and caching modes. TI Agent offers quick access to a personal web page where users can view their network statistics.


  • What are Traffic Inspector plug-ins?

    Traffic Inspector’s functionality can be extended using a plug-in collection maintained by Smart-Soft’s development team. There are five supported plug-ins: DDNS Updater, RAS Dialer, Kaspersky Gate Antivirus, Phishing Blocker and WOT Plug-in.


    The DDNS plug-in automatically updates Dynamic DNS service records with the current gateway IP address. The RAS Dialer plug-in provides a dialer service for dial-up and VPN connections. The Kaspersky Gate Anti-Virus plug-in provides malware inspection for traffic passing through the Web Proxy and SMTP Gateway. The WOT Plug-in and Phishing Blocker assist in blocking unsafe and phishing web sites by querying either the Web of Trust reputation service or Google Safe Browsing.


    Traffic Inspector Anti-Virus powered by Kaspersky and Traffic Inspector Anti-Spam powered by Kaspersky are purchased and licensed separately from Traffic Inspector. All other plug-ins are available under the Traffic Inspector license.


  • How do I get access to updates and technical support?

    A purchased license entitles you to one year of support and technical updates. Your program installation remains fully functional even after the entitlement expires, but you will have to renew the entitlement if you want to have continued access to new product updates and technical support.


    There are two renewal options: standard renewal and late renewal. Standard renewal: a customer has up to 60 days after expiration to renew entitlement for a year by paying 30% of the price of the currently owned license. Late renewal: if more than 60 days have passed since expiration, a customer can renew entitlement for a year by paying 60% of the price of the currently owned license.


Licensing and Activation

  • Licensing glossary

    Version


    A version is identified by a unique version number. Version numbers are assigned in increasing order.


    Upgrade


    Used exclusively to mean “License upgrade.” Upgrading the license allows you to add more user accounts to the program.


    Update


    Used exclusively to mean “Software update.” Each subsequent program version typically implements new features and has fixed bugs. Updating the product ensures that you are using the most stable and feature-rich version.


    Expiration and renewal


    A purchased Traffic Inspector license is permanent and never expires.A purchased license entitles you to one year of support and technical updates. The program installation remains fully functional even after the entitlement expires. You have to renew the entitlement if you want to have continued access to new product updates and technical support.


    The license for the Traffic Inspector Anti-Virus powered by Kaspersky plug-in is separate from the Traffic Inspector license and it is time-limited. Anti-virus updates are disabled after the expiration. Malware inspection is not disabled. You have to extend the license if you want to have continued access to anti-virus updates.

  • How is Traffic Inspector Anti-Virus powered by Kaspersky licensed?

    The license for the Traffic Inspector Anti-Virus powered by Kaspersky plug-in is separate from the Traffic Inspector license.


    The license for the Traffic Inspector Anti-Virus powered by Kaspersky plug-in is time-limited, and anti-virus updates are disabled after expiration. Malware inspection is not disabled. The license must be extended for continued access to anti-virus updates.


    The number of users associated with a Traffic Inspector Anti-Virus powered by Kaspersky license determines the number of user accounts for which malware inspection can be enabled.

  • What is the difference between a demo/trial version and a full version?

    Immediately after installation, Traffic Program runs in demo mode. Demo mode only supports up to three user accounts and severely restricts program functionality.


    A trial version of Traffic Inspector is fully functional but time-limited. After the 30-day trial period expires, the program will revert to demo mode.


    The only difference between the trial version and the full version is that trial version is time-limited while full version is not.

  • How is Traffic Inspector licensed?

    Traffic Inspector is licensed on a per-server basis. The number of users associated with a license determines the number of user accounts supported by the program. A separate license is required for each additional server.


  • What are the available license types?

    There are two license types: a trial license and a purchased license.


    With a trial license, you can evaluate a fully functional copy of the software for free for 30 days. This trial period may be extended in certain circumstances.


    A purchased license is permanent and never expires. A purchased license comes with one year of support and product updates. Activation of a purchased license will remove any existing trial license.


  • What is activation? How does it work?

    Activation is used to validate the product license. The activation process requires an Internet connection to contact our activation server.


    The license that you activate may be a trial license or a purchased license.


    Activating a trial license allows you to try out a free, 30-day fully functional version of the program. To activate a trial license, please, select the Activate a trial license option in the Activation Wizard. You can request an extension when your trial license expires. To do that, select the Request a trial license extension option in the Activation Wizard.


    If you purchased a license, you can activate it by selecting the Activate a purchased license option in the Activation Wizard. When activating a purchased license, any existing trial activation will be removed.

    The Traffic Inspector activation process involves binding. Binding is a process used by the software to derive the unique installation ID based on hardware serial numbers. It is a relatively low-level procedure that you can safely ignore most of the time.


    The only situation when you need to worry about binding is when moving the program from one computer to another, or when changing hardware components. Both situations involve activation of new hardware (invalidating the previous installation ID). Please note that reverting to the old hardware is not allowed.


  • Can I combine or divide licenses?

    Traffic Inspector licenses cannot be combined or divided. A separate license is required for each additional server.


  • Can I transfer a license to another machine?

    You can transfer your Traffic Inspector license to another machine. To do that, remove Traffic Inspector from the original server, then install and activate the program on a new server. Please note that the previous installation will be invalidated and reverting to the previously used hardware configuration is not allowed.

  • What is a license upgrade?

    Upgrading your license allows you to add more user accounts to the program. The cost to upgrade the license is the price difference between the current license and the new license.



Installation and Configuration

  • How do I reinstall Traffic Inspector while retaining my configuration?

    The procedure is slightly different depending on whether you are moving the program to a different computer or not.


    If you move the program to a different computer:


    •  Install Traffic Inspector on the new computer

    •   Stop Traffic Inspector service

    • Copy the Config and Data folders from the old installation to the new installation folder


    The Config folder contains program configuration files. Do not copy the Data folder if you are not interested in retaining logs and statistics.


    If you update Traffic Inspector on the same computer:

    • Uninstall the old version of Traffic Inspector

    •  Install the new version of Traffic Inspector


    You may still backup the necessary folders, but there is usually no need for that. The Config and Data folders are not deleted during uninstallation and will be picked up by the newly installed version of Traffic Inspector.

  • How can I configure malware inspection with Traffic Inspector?

    Malware inspection is provided by the Traffic Inspector Anti-Virus powered by Kaspersky plug-in. Malware inspection is only available for HTTP and SMTP traffic processed by TI web proxy or SMTP Gateway.


    To configure malware inspection, follow these instructions. First, make sure that you activated the Traffic Inspector Anti-Virus powered by Kaspersky plug-in. The plug-in should be activated during program activation.


    To access the plug-in settings, navigate to the Plug-ins console tree node and then to the Traffic Inspector Anti-Virus powered by Kaspersky node.


    Click the Anti-virus Update icon to run anti-virus update.


    Click the Anti-virus Settings icon to configure the plug-in settings. On the Malware Inspection tab, select the traffic types that will be scanned. On the Scan Settings tab, select the number of scanning threads, whether or not you want infected data to be disinfected, compressed executable and archive scanning settings, and heuristic analysis settings. You can schedule automatic updates on the Updates tab. If there is an upstream HTTP proxy, configure proxy authentication settings via the general program settings.


    Malware Inspection settings that are specific to Web Proxy and SMTP Gateway can be accessed via the Web Proxy Malware Inspection Settings and SMTP Gateway Malware Inspection Settings icons.


    When configuring Web Proxy malware settings, you can enable email notifications and the preferred delivery method. If you select the standard delivery method, content is delivered to a client only after it is fully downloaded and scanned by Traffic Inspector. If trickling is used, Traffic Inspector delivers and scans transferred files simultaneously. If a file is infected, delivery is blocked by holding back the last portion of the file.


    When configuring SMTP Gateway malware settings, you can enable email notifications and specify settings for tagging emails containing objects that cannot be scanned.


    The final configuration step involves specifying users and groups that will have their traffic inspected by the KAV plug-in. To selectively enable malware inspection, right-click on the desired user or group and choose the Attributes menu item. Change the value of the Traffic Inspector Anti-Virus powered by Kaspersky attribute to "No"/"Yes" or 0/1 as needed.


    If malware inspection is enabled for a group that contains, say, 50 users and only 30 antivirus licenses are available, then malware inspection will be only enabled for the first 30 users of that group.

  • How do I back up my configuration?

    Every time you launch the Administration Console, the program warns you of any unresolved configuration issues. If you have not configured backup, there will be a warning informing you that backup is not configured. Expand the disclosure widget and click on the Configure a backup task icon.


    Another way to access backup settings is by navigating to the Maintenance console tree node and then clicking on the Backup link.


    On the General tab, select the Enable backup checkbox to enable backup. The backup task may be run manually or scheduled for a specific time. To schedule a backup task, click on the Schedule button and set the appropriate time settings.


    On the Backup Settings tab, select the destination for saving backup data. Choose a backup method: select the Back up without resizing files radio button or the Backup data for a specified period radio button. Choose whether you want to backup the proxy cache index file. Select whether you want new files to be created for each backup or whether backup files will be overwritten.


    On the Custom Backup tab, specify the retention period for backup data. A custom retention period may be specified for specific database files.

  • How do I configure the Connection Failover feature?

    The Connection Failover feature prevents downtime and connection loss by ensuring that Traffic Inspector fails over to one of the backup connections if the primary connection becomes unavailable.


    Follow these steps to configure Connection Failover:


    Make sure that you use RRAS-based NAT and there are two or more external interfaces available. There must be a default route for each external interface. Default routes must have different metrics.


    Launch the Configuration Wizard, navigate to the Connection Failover tab and select the Enable connection failover check box. Navigate to the Connection Failover console tree node (subnode of the External Networks node) and go to the properties window. Configure Connection Failover settings:


    • specify probing interval (i.e. interval between route availability checks)

    • specify IP address of the probe host (if the probe host is reachable, the connection is OK)

    • specify response time (if ICMP round-trip time is less than specified response time, the connection is OK)

    • enable connection availability logging, if required

    • select interfaces for which the connection failover functionality will be enabled

    • select one primary interface and backup interfaces


    Connection Failover is currently only supported for Ethernet interfaces.

  • How do I configure the Flood Mitigation feature?

    Flood mitigation is a unique feature that allows users to be blocked when they generate excessive network traffic. Such behavior usually indicates that the machine is infected with a virus that replicates itself by using the network, or that a user is unfairly monopolizing the available bandwidth (by running a BitTorrent client, for example). Once the connections threshold is reached, the user is automatically blocked and prevented from further saturating the Internet connection.


    Flood mitigation requires that network statistics collection be enabled. Flood mitigation and network statistics collection may be configured for a particular user/group or all users:

    • User account --> Properties --> Network Statistics tab (for a particular user)

    • Group account --> Properties --> Network Statistics tab (for a particular group)

    • User Management console tree node --> Properties --> Network Statistics tab (for all users)


    Flood mitigation configuration involves two steps:


    1. Set the Collect network statistics checkbox to enable network statistics collection.


    Specify sync interval (20 minutes by default). Sync interval determines how often synchronization to a database takes place and also the period of time before the Flood mitigation connection counter is reset.


    2. Set the Enable Flood Mitigation checkbox and specify the block threshold limit and block interval.


    Sync interval and block threshold values may have to be empirically adjusted to avoid false positives.

  • How do I exempt a user from firewall and traffic rules restrictions?

    Follow these steps to make a user exempt from firewall and traffic rules restrictions:

    • Locate the user account and go to its properties window.

    • On the Traffic Policy tab, select the Disable network filters and firewall for this user checkbox.


    As a result, traffic rules and internal firewall rules will not be applied to the selected user. This option allows administrators to retain remote access to the TI server in case the firewall is not properly configured, but it can also be used to make a user exempt from all traffic restrictions.

  • How can I configure Traffic Inspector to provide Internet access for my home or office network?
  • How does Traffic Inspector authenticate users?

    Traffic Inspector offers various authentication options: IP/MAC/VLAN ID-based authentication and BASIC / NTLM authentication. From the user perspective, the following methods are available:


    TI Agent-based authentication


    Windows-based computers can authenticate via TI Agent, a small program that authenticates users to Traffic Inspector server and displays current user account balances and TI notifications. TI Agent currently only supports Microsoft Windows and can be downloaded from the integrated Web Portal.


    Web Agent


    Computers running non-Windows operating systems (Linux, Mac OS, etc.), tablet computers and smartphones can authenticate via Web Agent, a TI Agent that runs directly in your web browser. Authentication is lost if the Web Agent window is closed. Using Web Agent also requires that pop-up blocking be turned off.


    Proxy authentication


    Users that access the Internet via Traffic Inspector web proxy can use proxy authentication.


    Single Sign-On Authentication


    The single sign on allows end users to log into a Windows client machine on a domain, then access the Internet via the Traffic Inspector web proxy without signing on again. This functionality is only available when the Traffic Inspector server is joined to an Active Directory domain.


    Consult your network administrator for information about alternative authentication methods.


  • How do I set up port forwarding with Traffic Inspector?

    You have to know what Windows service provides NAT functionality before you publish a service. On Windows, NAT can be provided by Windows Firewall/Internet Connection Sharing (ICS) or Routing and Remote Access service. Service publishing configuration may involve slightly different steps depending on the Windows service that provides NAT functionality.


    There are two way to publish a service. The first one requires more manual steps: you create a rule in ICS or RRAS, create an external firewall rule in Traffic Inspector, and check that the target LAN computer is authenticated to Traffic Inspector. The other way is more convenient: you run the Service Publishing Wizard, which guides you through the necessary steps to publish a service.



Troubleshooting

  • What do I do if I encounter errors during installation?

    Please check if one of the following issues is preventing successful installation.


    • The user lacks sufficient administrator privileges to install new software on the computer

    • The user lacks sufficient permissions to access the installation directory.

    • Internet connection is not available during installation

    • Traffic Inspector prerequisites are not installed (.NET Framework, Microsoft Visual C++ Redistributable Package)

    • A pirated version of Window OS is being used

    • Third-party antivirus software is interfering with Traffic Inspector’s installation

    • The previous version of Traffic Inspector was not properly uninstalled
  • What should I do if I experience errors during activation?

    The activation process involves contacting our activation server, so Internet connectivity is required. If there is an upstream HTTP proxy, configure proxy authentication settings via the general program settings.


    If you encounter the "Invalid ID or PIN" error, make sure that you entered your ID and PIN correctly.


    If you encounter the "Socket error 11004 - Valid name, no data record of requested type" error, check your DNS server settings.


    If you encounter the "Activation limit reached" error, contact our tech support team at [email protected] to reset the activation limit.


    If you encounter "The activation server responded, but program activation failed" error, check your server’s time and date settings and restart the Traffic Inspector service. Computer clock synchronization may be required. It is recommended that you synchronize your computer clock with an Internet time server (even if the computer is a member of a domain).


    If you have anti-virus software is installed on the computer, make sure that the anti-virus is not preventing Traffic Inspector from accessing and modifying files in the installation directory. This can be achieved by excluding the Traffic Inspector installation directory from virus scanning in your anti-virus software settings.

  • What should I do if I encounter errors during uninstallation?

    If the Traffic Inspector service was not properly uninstalled, uninstall it by calling:


                sc.exe delete trafinspsrv


    If the Traffic Inspector network driver was not properly uninstalled, try removing it manually following these steps:


    1.      Open Network Connections


    2.      Click one of the local area connections used by Traffic Inspector and go to its properties window.


    3.      On the General tab, in This connection uses the following items, click the Traffic Inspector network driver and then click Uninstall.


    4.      In the Uninstall dialog box, click Yes.


    Uninstalling the Traffic Inspector network driver removes it from all network connections.    

     

    If the above methods do not help, try using a third-party uninstaller.

  • How can I recover my activation key?
  • LAN computers cannot access the Internet after Traffic Inspector has been installed.

    By default, Traffic Inspector prevents unauthenticated users from accessing the Internet. Users are forced to authenticate to Traffic Inspector before being granted network access. Please configure Traffic Inspector to provide Internet access for your home or office network.

  • LAN computers cannot access the Internet after Traffic Inspector service is stopped.

    By default, Traffic Inspector blocks access to external networks (i.e. Internet) when TI service is not running. This option is used to prevent uncontrolled traffic consumption. To change this behavior, follow these steps: Go to the Start Page of the Traffic Inspector snap-in andclick on the Program Settings icon. On the Network Driver tab, deselect the Block external networks when TI service is not running checkbox.


  • TI Agent cannot connect to TI server.

    Please check if one of the following issues is preventing a connection.


    • If you encounter the "No connection to server" error, make sure that the Traffic Inspector server is started and Traffic Inspector server firewall settings are correct.

    • If you encounter the "Unable to find server" error, make sure that the Traffic Inspector server IP address is specified correctly.

    • If you encounter the "Socket error 11004 - Valid name, no data record of requested type" error, check your computer’s DNS server settings.

    • If you encounter the "Wrong username or password" error, make sure your username and password are specified correctly.

    • If you encounter the "Wrong authentication type" error, verify that the authentication method is specified correctly.

    • If you encounter the "Synchronization error" error, check your computer time and date settings. Computer clock synchronization may be required. It is recommended that you synchronize your computer clock with an Internet time server (even if the computer is a member of a domain). Alternatively, you can disable the time synchronization check: navigate to the User Management console tree node, go to the properties window, click the TI Agent tab and deselect the Enable time sync check checkbox. Please note that disabling this option weakens the security of the authentication mechanism.


  • Web pages accessed via TI web proxy take a very long time to load.

    Create two external firewall rules that allow outbound TCP connections to api.mywot.com and sb-ssl.google.com. These rules are required by the WOT Plug-in and Phishing Blocker.


  • Problems with generating reports.

    Problems with report generation can be caused by one of the following issues: anti-virus software, improper configuration of Traffic Inspector or traffic rules.


    If you have anti-virus software installed on your computer, make sure that the anti-virus is not preventing Traffic Inspector from accessing and modifying files in the installation directory. This can be achieved by excluding the Traffic Inspector installation directory from virus scanning in your anti-virus software settings.


    Verify that network statistics collection is enabled for a particular user/group or all users as required:


    • User account --> Properties --> Network Statistics tab (for a particular user)

    • Group account --> Properties --> Network Statistics tab (for a particular group)

    • User Management console tree node --> Properties --> Network Statistics tab (for all users)


    Check if there are traffic rules in the Allow Rule for All category. Packets that match these rules are excluded from network statistics.


    Please note that by default collected data is written to a database every 20 minutes, so it does not appear in reports immediately.


  • Terminal server users cannot authenticate to Traffic Inspector.

    Follow these instructions to enable terminal server users to authenticate to the Traffic Inspector server:


    Navigate to the Authentication Rules console tree node. Launch the New Authentication Rule Wizard. The wizard will guide you through the steps necessary to create a new authentication rule. On the Source IP tab specify the IP address of your terminal server. If the terminal server and the Traffic Inspector server run on the same machine, specify the loopback address (i.e. 127.0.0.1). On the Terminal Server tab select the Terminal Server checkbox.


    These settings enable traffic accounting for terminal server users. Multiple terminal server users will be able to authenticate from the same IP address (terminal server). Terminal users will only be able to access the Internet by authenticating each web proxy session.