Watching the Web: AAAE Wanted a Way to Monitor Internet Usage to Assess Bandwidth Needs and to Provide a Record of Employee Web Activity
Anderson, Teresa, Security Management
THE AMERICAN Association of Airport Executives (AAAE), headquartered in Alexandria, Virginia, has nearly 80 employees, and as in most workplaces, employees use the Internet as a critical tool to obtain and share information. Patrick Osborne, senior vice president of IT at AAAE, has taken a number of steps to ensure network security over the years. He has installed e-mail-sanitizing products, virus protection, a firewall, and intrusion detection systems to protect the network from outside attack. But he was bothered that a critical part of the protection equation was not addressed: He needed a way to monitor Internet usage companywide and per employee.
"Initially, we wanted to look at monitoring to justify more bandwidth if we needed it," says Osborne. "But we also wanted to determine which employees were using the Internet and for what reason."
When he looked into available products, however, he was unsatisfied with the options. At first, Osborne brought in two different bandwidth utilization software packages for testing. Both of the programs caused the organization's switches to fail. (A switch is a device that channels incoming data from multiple input ports to its intended destination.) To run the software, AAAE would have had to install redundant switches. Because that was cost prohibitive, the project was put on hold.
The solution came from an unexpected quarter. A company called eTelemetry, based in Annapolis, Maryland, had a product that monitored wireless Internet use at airports, and Osborne was doing a project with the company that involved the wireless product, which he liked because of its tracking ability and graphic interface.
Osborne casually mentioned that he wished the company had a similar product for traditional networks. A few months later, an eTelemetry representative called with information about two new Internet usage monitoring products that might do what Osborne wanted.
The products are called Metron and Locate. Metron is the monitoring tool, and Locate creates an active directory that synchs IP addresses to specific departments and employees. This tool is critical, says Osborne, because other products that he looked at merely listed an IP address; it was up to the IT department to manually cross-reference the address to a user.
Last summer, Osborne went to senior management to get approval for the Metron and Locate systems. (The cost of the two systems was $22,500.) "It was a pretty easy sell," says Osborne. "Partly because IT has a good relationship with senior management but also because of the information Metron could offer us."
The information included statistics showing that most viruses or other malicious code gets into a company network via employee Internet activity.
Installation began in early October. Osborne wanted the system up and running by December so that he could introduce it at the organization's staff retreat that month.
There were a few glitches in the installation, according to Osborne. The first was that the association hadn't realized that it would need additional ports--input points for the switches--for both the Metron and Locate devices. Adding that capability was not a major hurdle, however, as the small piece of hardware that provides additional ports is not costly. …