Reference
NetInsightPro Glossary
Definitions of key networking, security, and product terms used in NetInsightPro documentation, marketing pages, and legal agreements.
16 terms
Terminology
- Egress#
- Data flowing outbound from a device or network — the bytes an app sends to remote servers. NetInsightPro measures per-app egress in real time so users see exactly which application is sending data, to where, and how much.
- Exfiltration#
- Unauthorised or unexpected transfer of data from a device or network to an external destination. NetInsightPro detects exfiltration candidates by surfacing anomalous outbound spikes — traffic that exceeds an app's established EWMA baseline without user action.
- Per-app firewall#
- A network control that enforces allow or deny rules at the individual application level rather than at the IP-address or port level. Because many apps share the same destination IPs (CDNs, cloud providers), port-level rules cannot distinguish between them; per-app rules target the specific process opening the connection.
- Byte-level visibility#
- The ability to observe and account for every byte of network traffic, tagged by the originating application. NetInsightPro achieves this through kernel-level capture (Windows Filtering Platform on Windows, Netfilter on Linux, VpnService on Android) without decrypting payload content.
- Data sovereignty#
- The principle that data is subject to the laws and governance of the jurisdiction where it is collected or stored. In NetInsightPro's Hybrid tier, raw telemetry stays within the customer's own infrastructure so it never crosses a jurisdictional boundary; only Ed25519-signed digests reach the cloud.
- HMAC#
- Hash-based Message Authentication Code — a mechanism that combines a cryptographic hash function with a secret key to produce a fixed-length tag. NetInsightPro uses HMAC-SHA256 to authenticate API requests (licence activation, update checks), preventing replay and tampering attacks.
- Signed manifest#
- A file listing the SHA-256 hash of every downloadable build artefact, itself signed with an Ed25519 or EV code-signing key. NetInsightPro publishes a signed manifest at /latest.json so users and automated pipelines can verify the integrity of each installer before execution.
- Network telemetry#
- Structured measurements collected from a device's network stack — connection counts, byte counts, protocol distributions, destination IP and country, first-seen and last-seen timestamps. In NetInsightPro, all raw telemetry is stored on-device; only digest summaries (in the Hybrid tier) or nothing (in the Cloud tier) ever leave the device.
- NetFlow#
- A network protocol (originally Cisco, now standardised as IPFIX) for exporting aggregated flow statistics from routers, switches, or host probes. NetInsightPro can optionally export flow records in IPFIX/NetFlow v9 format to an on-premise SIEM collector (Hybrid and Enterprise tiers).
- SIEM forwarder#
- A software component that exports classified security events to a Security Information and Event Management (SIEM) system. NetInsightPro ships a SIEM forwarder that streams OCSF-formatted JSON over HTTPS webhook or syslog-TLS, enabling correlation with other security telemetry in the customer's SOC.
- License attestation#
- The act of confirming that a device has a valid licence to run the software, typically by presenting a signed token. NetInsightPro's activation flow sends the licence key and a hardware fingerprint (HWID hash) to the licence server; the response is a signed JWT that the client stores and verifies locally on each launch.
- Allowlist#
- A list of applications, IP addresses, or domains explicitly permitted to send or receive network traffic. In NetInsightPro, allowlist rules take priority over blocklist rules and override anomaly alerts, making them useful for trusted background services (OS updaters, corporate VPNs) that would otherwise generate noise.
- Blocklist#
- A list of applications, IP addresses, or domains whose network traffic is denied by the kernel filter. NetInsightPro blocklist rules drop matching packets immediately at the kernel level — no reboot or service restart required. Rules are stored locally; no blocklist data is sent to NetInsightPro servers.
- Telemetry digest#
- A cryptographically signed summary of flow statistics for a given time window, containing aggregated byte counts and connection counts but no raw destination IPs, process names, or payload fragments. In the Hybrid tier, only telemetry digests leave the customer's network; raw events remain in customer-controlled storage.
- On-prem telemetry#
- Network monitoring data stored entirely within the customer's own physical or virtual infrastructure, never sent to a third-party cloud. NetInsightPro's Hybrid and Private deployment tiers use on-prem telemetry storage, satisfying UK GDPR Article 44 restrictions on international data transfer.
- Cloud digests#
- Ed25519-signed summaries of on-prem telemetry that are periodically forwarded to the NetInsightPro cloud control plane for fleet-health dashboards and anomaly trending. Cloud digests contain no raw event data — they carry only counts, hashes, and a validity timestamp — so no personal data or sensitive network topology is exposed.
Terminology in context
Where the words live.
Egress · per-app firewall · byte-level visibility · anomaly detection — see them surfaced inside the Pro console (left) and the Enterprise admin console (right).
Pro
Device
workstation-001 · sarah.mitchell@example.com · macOS 14.5
Healthy · Pro tier
Anomaly detectedCursor — 7.2x bytes-out baseline at 14:23
| App | Bytes | Verdict |
|---|---|---|
ChatGPT Desktop | +2.4 MB/min | |
Claude Desktop | +1.8 MB/min | |
Slack | +6.4 MB/min | |
Dropbox | +14.2 MB/h | |
Spotify | +0.9 MB/min |
bytes_out · last 24h
Sample only — not a live control
Enterprise
Tenant
TechProf Ltd
techprof.netinsightpro.com
Healthy · Enterprise Cloud
Seats142 / 250
| Hostname | Last seen | Status |
|---|---|---|
| workstation-001 | 2 min ago | active |
| mbp-finance-04 | 5 min ago | active |
| devbox-01 | 14 min ago | active |
| pos-store-12 | 47 min ago | idle |
See it in action
Want to see per-app egress control on your own devices?