Install Guide

 

Computer Requirements

Intel I5 or higher processor.
4GB of available memory
Ethernet Network Interface or WIFI Network Interface
Windows 7 or higher, Windows 2008 Server or higher
Framework 4.0

 

Installation

Download the Installer from the LabWatcher.com Website.

Run the Installer

 

 

Windows 8 might prompt that you have been protected

 

 

Click “More Info” or “Actions and select run anways, as the installer is not signed.

 

 

 

 

The installer will then download and install

 

Once its installed a wizard will run and install each component.

 

Enter Your license key to enable Enterprise features

Install WinPCap if its not already installed

Download MaxMinds GEO IP Database.

Download Manufacturer and Port registration lists.

Download Wireshark if its not already installed. Wireshark is only used to view capture logs.

Download NMAP is its not already installed. NMap is used to find assets that do not talk to the internet.

Install ClamAv if its not already installed. Clam is used by the program to scan remote exes that are communicating on the internet. Clam is not installed on the computer, not activated, will not interfere with other AV programs and will never run without labwatch.

Configure Remote collection and install PSExec. Remote Collection installs a small exe on all windows computers in the local network and reports all local port usage along with the Executable attached to them. The username should be in Domain\User format and have administrative access. To disable this feature just uncheck the box marked “Enable Remote Port Retrieval”

Configure WIFI Scanning. If you have a Wireless Interface you can scan for open accesspoints. Select your interface and check the box marked “Enable Wifi AP Scanning”

Configure your Bandwidth setting, the values are in bytes and if they are incorrect then the speed gauges will not be accurate.

Configure your network settings. Normally you should only have to select your network interface to listen on. Choose the interface that is active with your default gateway or the interface you have configured your mirror. The rest of the setting configure how to identify if the traffic is LOCAL or Internet, Make sure these setting are correct or traffic analysis will not be correct.

Finish the Wizard and the Program will Run

 

When the program runs click the “Start Capture” button and the analysis will start.