From ForensicsWiki
Revision as of 21:58, 20 May 2009 by Butzi73 (Talk | contribs)

OmniPeek Distributed Analysis Suite

The OmniPeek Distributed Analysis Suite can capture up to 64 Terabytes with the Omnipliance SuperCore Network Recorder. For an unlimited amount of storage, an Omnipliance can be connected to a Storage Area Network (SAN), making it possible to analyze events that occurred hours, days, weeks, or even months ago.

When searching through gigabytes or terabytes of data, these features make the difference between a quick, convenient search and a laborious, time-consuming search involving multiple tools and large transfers of data:

   * Support for frame decodes during capture
   * Support for on-the-fly capture filters
   * Support for Selected Related filters
   * Support for name table entry and aliases
   * Support for multiple simultaneous capture windows
   * Ability to sort by number of problems, top talkers, most delays, etc.
   * Ability to organize flows by application type
   * Ability to organize flows by client/server pair
   * Ability to capture from multiple simultaneous NICs
   * Ability to capture from 802.11 wireless LANs
   * Ability to store packets in a MySQL database
   * Conversation Map at the point of capture
   * Built-in Experts for recognizing security attacks such as Gin, Jolt, Land, Oversize IP, and WinNuke 

Beyond these built-in features, OmniPeek also supports an extensive API for automation and analysis. Many of these are available to maintenance customers from the MyPeek Community Portal [1].

OmniPeek analyzes data at the point of capture, and eliminates the need for large data transfers that consume time and bandwidth. By utilizing Intelligent Data Transport™, the OmniPeek Distributed Analysis Suite minimizes traffic loads on the network.

HR Compliance [2]

   * Detect and analyze violations of HR policies or industry regulations
   * Support compliance efforts for SOX, Gramm-Leach-Bliley, HIPAA, and other industry regulations
   * Collect evidence when breaches occur

Intermittent Issues [3]

   * Capture and analyze intermittent network problems
   * Troubleshoot problems that occurred hours or days ago
   * Find the patterns that ad hoc, reactive troubleshooting will miss

Security Attack Analysis [4]

   * Detect and characterize attacks—whether they’ve just begun or occurred days ago
   * Apply filters to isolate malicious behavior
   * Equip your network IT team with a powerful incident response tool

Transaction Analysis [5]

   * Create an audit trail for business transactions—not just server activity but the business transactions enacted by clients and servers
   * Troubleshoot the transaction problems that server logs miss