Network Forensics

IT personnel utilize network forensics to analyze historical network traffic in order to conduct investigations for security attack analysis, HR compliance, business transaction analysis, and pinpointing the source of intermittent performance issues.

With the OmniPeek Distributed Analysis Suite you can capture up to 8 Terabytes with our Omnipliance Core Network Recorder. For an unlimited amount of storage, simply connect an Omnipliance to a Storage Area Network (SAN) and analyze events that occurred hours, days, weeks, or even months ago.

Download our free White Paper on Network Forensics:

Network Forensics 101: Finding the Needle in the Haystack

Sure, you’ve heard of network forensics to tackle cyber attacks. Who hasn’t? And you’ve probably used it yourself to solve a network security problem or troubleshoot an intermittent problem. But that’s not all network forensics can do.

If you're not already reaching for network forensics to address a pesky intermittent network issue, benchmark application performance for SLAs, or investigate a data breach, you may soon be.

With more businesses relying on the cloud for their IT infrastructure or to deliver their service/products to customers, it’s crucial to monitor both operations and the infrastructure. While the network has become more reliable, reliance on web-based and cloud-served applications or storage has led to more frequent outages of that infrastructure – for example, a Web-based code hosting service that relied on Amazon’s Elastic Compute Cloud (EC2) came crashing down to earth due to a distributed denial-of-service (DDoS) attack.

Get ready now, because if you wait, it’ll be too late. Now – before a specific event actually happens – is the time to start collecting digital evidence and equip yourself to find that needle in the haystack.

When you're searching through gigabytes or terabytes of data, these unique WildPackets features make the difference between a quick, convenient search and a laborious, time-consuming search involving multiple tools and large transfers of data:

  • Support for frame decodes during capture
  • Support for on-the-fly capture filters
  • Support for Selected Related filters
  • Support for name table entry and aliases
  • Support for multiple simultaneous capture windows
  • Ability to sort by number of problems, top talkers, most delays, etc.
  • Ability to organize flows by application type
  • Ability to organize flows by client/server pair
  • Ability to capture from multiple simultaneous NICs
  • Ability to capture from 802.11 wireless LANs
  • Ability to store packets in a MySQL database
  • Conversation Map at the point of capture
  • Built-in Experts for recognizing security attacks such as Gin, Jolt, Land, Oversize IP, and WinNuke

While other network forensics products force you to capture with one product, then transfer gigabytes or terabytes of data to another product for analysis, our solution enables you to analyze data at the point of capture and eliminates the need for large data transfers that consume time and bandwidth. By utilizing Intelligent Data Transport™, the OmniPeek Distributed Analysis Suite minimizes traffic loads on the network and lets you find the data you're looking for, quickly and easily.

The Compass Dashboard Extension for OmniPeek Enterprise

Compass for OmniPeek Enterprise is an interactive dashboard for post-capture forensics on large quantities of wired and wireless network traffic. Compass employs a gorgeous-looking interactive graph, allowing you to visualize and interact with utilization statistics from large quantities of network data before actually loading a specific time range of packets.

When you have captured very large quantities of network traffic, it is difficult to know where to start your forensics analysis. It is like a shot in the dark, or like finding a needle in a haystack. You can either open individual trace files one at a time, or run a time-consuming forensics search. Both of these techniques assume you have a clue about what to search for. The problem is that, oftentimes, you may not have a clue yet.

With Compass for OmniPeek, you can see the utilization, nodes, and protocols for large quantities of network traffic in a visually stunning and interactive graph, without having to load the packets first. In other words, you can see the "when", the "who", and the "what".

Compass is available as a free extension for OmniPeek Enterprise with maintenance. Download it from MyPeek here.

HR Compliance

  • Detect and analyze violations of HR policies or industry regulations
  • Support compliance efforts for SOX, Gramm-Leach-Bliley, HIPAA, and other industry regulations
  • Collect evidence when breaches occur

Intermittent Issues

  • Capture and analyze intermittent network problems
  • Troubleshoot problems that occurred hours or days ago
  • Find the patterns that ad hoc, reactive troubleshooting will miss

Security Cyber Attack Analysis

  • Detect and characterize attacks—whether they’ve just begun or occurred days ago
  • Apply filters to isolate malicious behavior
  • Equip your network IT team with a powerful incident response tool

Transaction Analysis

  • Create the ultimate audit trail for business transactions—not just server activity but the business transactions enacted by clients and servers
  • Troubleshoot the transaction problems that server logs miss

For more details or to arrange a demo, please call (925) 937-3200 or write to sales@wildpackets.com.

 
 
Download OmniPeek Now!
Download a free demo version of OmniPeek Enterprise to experience the ultimate in network visibility.

Free OnDemand Webcast
Forensic Analysis for Network Security
Forensic analysis for network security involves capturing network data for analysis minutes, hours, or even days after a network event has occurred.
The OmniPeek Distributed Analysis Suite
The OmniPeek Distributed Analysis Suite gives network engineers the power of real-time network monitoring and performance analysis—simultaneously from a single interface—including Gigabit, Ethernet, 802.11 wireless, VoIP, and WAN links to remote offices.
COPYRIGHT © 2010 WILDPACKETS, INC — All registered and unregistered trademarks are the sole property of their respective owners