Support for Omnipliance WiFi
TCPDump Remote Adapter support in OmniPeek
New wireless graphs in Forensics view (only for Omnipliance WiFi)
Real-time and post-capture wireless decryption in OmniEngine (only for Omnipliance WiFi)
Go to the link below to get full details at:
It was a downloadable plug-in but now we have integrated it with OmniPeek 8.1. The Remote TCPDump Adapter is a plug-in for the OmniPeek Console that connects to remote machines through SSH and runs TCPDump.
OmniPeek now provides a single remote adapter to replace the individual ones called “Access Point Capture Adapter”.
Compass now displays "Data Rates" statistics chart window for grouping statistics by data rates for wireless traffic.
From file(s) in the Compass Workspace navigation bar and by creating projects from one or more packet files in the Compass Workspace mode.
This is an advanced filter node which you will be able to specify one or more VLAN IDs or ID ranges. Also, you will be able to specify one or more MPLS Labels or Label ranges.
Yes, the Cisco and Aruba Remote Adapters now have the capabilities of capturing 802.11ac traffic.
The supported AP’s are the Cisco 2700, 3700 and Aruba 225 models.
Yes, they support MIMO: 1, 2, and 3 spatial stream configurations.
Yes, for Cisco the AIR-CT2504-K9 V01. It needs at least the following firmware version: v188.8.131.52. For the Aruba, it requires the Aruba 7200 series controller with version 6.4 or greater of the firmware.
Yes, OmniPeek 8.1 can read pcap and pcapng files with PPI headers.
The Merge Packet Files feature allows you to merge multiple packet files into one. Keep in mind, they all must be the same media type (e.g., Ethernet and Wireless).
The inserted and destination files must be of a supported WildPackets packet file format (*.pkt, *.wpz).
You can create RPCap interfaces that allow you to capture 802.11 wireless traffic (including 802.11ac), within OmniPeek from an Access Point which supports RPCap. In OmniPeek you can create and select RPCap interfaces from within the Aggregator Settings dialog.
Can OmniPeek 8.1 display the Modulation Coding Scheme (MCS) and the number of Spatial Streams?
Yes, OmniPeek has the ability to display the information such as MCS index and the number of spatial streams. They will be displayed in the packet list view and the packet decode view.Why is the Aggregator named “Aggregator/Roaming”?
This is because the Roaming Latency feature has been added to the wireless aggregator.
It allows you to quickly and easily locate, visualize, and analyze one or more flows as they traverse several capture points on your network from end-to-end.
Bar graphs are difficult to see in millisecond mode since there are many points to display in such a small area. The resolution would be to change the graph type to something other than bar graph.
The time duration shown in Compass represents the number of points in the graph, while OmniPeek's time duration is strictly based upon the difference in time between the first and last captured packet timestamps.
The pull down menu Peek Split can take large .pkt file and split them into smaller .pkt files. For example, it is good when you are opening a 1GB file and splitting it up into four files. With Compass you can open many large files into 1 Database file and view an interactive dashboard for forensics of large quantities of wired and wireless network traffic. Compass employs an intuitive interactive graph, allowing you to visualize and interact with utilization statistics from large quantities of network data, before actually loading a specific time range of packets.
Yes, you can now open .pcapng files in OmniPeek. It is the next generation PCAP dump file format.
Yes, in OmniPeek Engines view you can right-click on an Engine and edit its properties and save them.
The most common issue is when you selected Capture to Disk in the General Options you would have seen a menu pop up screen called "Performance Warning after clicking OK. If you select "Optimize for Capture to Disk" it will disable all your Analysis Options for Real-Time viewing. This is because this method of analyzing is normally used for Post Capture Forensic Analysis.
If you wish to view the Options in Real-Time, you will need to go back into the Capture Options->Analysis Options and enable the ones you want to view or all of them. Once you have selected the Options you want to view the "Performance Warning" will pop up again after you click OK. Please chose "Continue with current settings" so it will keep the Options you configured enabled.
Now you can select a time range in the Network Dashboard in OmniPeek and view the packets associated with that selection.