WildPackets

Network Forensics

IT personnel utilize network forensics to analyze historical network traffic in order to conduct investigations for security attack analysis, HR compliance, business transaction analysis, and pinpointing the source of intermittent performance issues.

OmniPeek Enterprise allows you to analyze up to 16 Terabytes of detailed network traffic captured with our TimeLine network recorder. For an unlimited amount of storage, simply connect TimeLine to a Storage Area Network (SAN) and analyze events that occurred hours, days, weeks, or even months ago.

Sure, you've heard of using network forensics to tackle cyber attacks. Who hasn’t? And you’ve probably used it yourself to solve a network security problem or troubleshoot an intermittent problem. But that’s not all network forensics can do.

If you're not already reaching for network forensics to address a pesky intermittent network issue, benchmark application performance for SLAs, or investigate a data breach, you may soon be.

With more businesses relying on the cloud for their IT infrastructure or to deliver their services/products to customers, it's crucial to monitor both operations and the infrastructure. While the network has become more reliable, reliance on web-based and cloud-served applications or storage has led to more frequent outages of that infrastructure. For example, a Web-based code hosting service that relied on Amazon's Elastic Compute Cloud (EC2) came crashing down to earth due to a distributed denial-of-service (DDoS) attack.

Get ready now, because if you wait, it'll be too late. Now - before a specific event actually happens - is the time to start collecting digital evidence and equip yourself to find that needle in the haystack.

When you're searching through gigabytes or terabytes of data, these unique WildPackets features make the difference between a quick, convenient search and a laborious, time-consuming search involving multiple tools and large transfers of data:

  • Support for frame decodes during capture
  • Support for on-the-fly capture filters
  • Support for Selected Related filters
  • Support for name table entry and aliases
  • Support for multiple simultaneous capture windows
  • Ability to sort by number of problems, top talkers, most delays, etc.
  • Ability to organize flows by application type
  • Ability to organize flows by client/server pair
  • Ability to capture from multiple simultaneous NICs
  • Ability to capture from 802.11 wireless LANs
  • Ability to store packets in a MySQL database
  • Conversation Map at the point of capture
  • Built-in Experts for recognizing security attacks such as Gin, Jolt, Land, Oversize IP, and WinNuke

While other network forensics products force you to capture with one product, then transfer gigabytes or terabytes of data to another product for analysis, our solution enables you to analyze data at the point of capture and eliminates the need for large data transfers that consume time and bandwidth. By utilizing Intelligent Data Transport™, the TimeLine network recorder minimizes traffic loads on the network and lets you find the data you're looking for, quickly and easily.

HR Compliance

  • Detect and analyze violations of HR policies or industry regulations
  • Support compliance efforts for SOX, Gramm-Leach-Bliley, HIPAA, and other industry regulations
  • Collect evidence when breaches occur

Intermittent Issues

  • Capture and analyze intermittent network problems
  • Troubleshoot problems that occurred hours or days ago
  • Find the patterns that ad hoc, reactive troubleshooting will miss

Security Cyber Attack Analysis

  • Detect and characterize attacks—whether they’ve just begun or occurred days ago
  • Apply filters to isolate malicious behavior
  • Equip your network IT team with a powerful incident response tool

Transaction Analysis

  • Create the ultimate audit trail for business transactions—not just server activity but the business transactions enacted by clients and servers
  • Troubleshoot the transaction problems that server logs miss

For more details or to arrange a demo, please call (925) 937-3200 or write to sales@wildpackets.com.

Copyright © 2012 WildPackets, Inc