Difference between revisions of "OmniPeek"

From Forensics Wiki
(New page: OmniPeek Distributed Analysis Suite The OmniPeek Distributed Analysis Suite can capture up to 64 Terabytes with the Omnipliance SuperCore Network Recorder. For an unlimited amount of stor...)
 
Line 23: Line 23:
 
OmniPeek analyzes data at the point of capture, and eliminates the need for large data transfers that consume time and bandwidth. By utilizing Intelligent Data Transport™, the OmniPeek Distributed Analysis Suite minimizes traffic loads on the network.
 
OmniPeek analyzes data at the point of capture, and eliminates the need for large data transfers that consume time and bandwidth. By utilizing Intelligent Data Transport™, the OmniPeek Distributed Analysis Suite minimizes traffic loads on the network.
  
'''HR Compliance'''
+
'''HR Compliance''' [http://www.wildpackets.com/solutions/it_solutions/network_forensics/hr_compliance]
  
 
     * Detect and analyze violations of HR policies or industry regulations
 
     * Detect and analyze violations of HR policies or industry regulations
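Review bot: the external link added after '''HR Compliance''' has no link text, so it renders as a bare numbered marker ("HR Compliance [2]" in the revision below) and the reader cannot tell where it leads without following it. Give the link a label inside the brackets, after the URL, that names the destination as the vendor's HR compliance solution page.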
Line 29: Line 29:
 
     * Collect evidence when breaches occur
 
     * Collect evidence when breaches occur
  
'''Intermittent Issues'''
+
'''Intermittent Issues''' [http://www.wildpackets.com/solutions/it_solutions/network_forensics/intermittent_issues]
  
 
     * Capture and analyze intermittent network problems
 
     * Capture and analyze intermittent network problems
Line 35: Line 35:
 
     * Find the patterns that ad hoc, reactive troubleshooting will miss
 
     * Find the patterns that ad hoc, reactive troubleshooting will miss
  
'''Security Attack Analysis'''
+
'''Security Attack Analysis''' [http://www.wildpackets.com/solutions/it_solutions/network_forensics/security_attack_analysis]
  
 
     * Detect and characterize attacks—whether they’ve just begun or occurred days ago
 
     * Detect and characterize attacks—whether they’ve just begun or occurred days ago
Line 41: Line 41:
 
     * Equip your network IT team with a powerful incident response tool
 
     * Equip your network IT team with a powerful incident response tool
  
'''Transaction Analysis'''
+
'''Transaction Analysis''' [http://www.wildpackets.com/solutions/it_solutions/network_forensics/transaction_analysis]
  
 
     * Create an audit trail for business transactions—not just server activity but the business transactions enacted by clients and servers
 
     * Create an audit trail for business transactions—not just server activity but the business transactions enacted by clients and servers
 
     * Troubleshoot the transaction problems that server logs miss
 
     * Troubleshoot the transaction problems that server logs miss
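Review bot: the link added on the '''Transaction Analysis''' line, like the three added above it, points under www.wildpackets.com/solutions/it_solutions/network_forensics/ and is attached to a bold pseudo-heading rather than to the claims it supports. Consider collecting the four vendor links in a single external-links list at the end of the page, each labelled as vendor material, so the headings stay clean and the source of the bullet text is explicit.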

Revision as of 16:58, 20 May 2009

OmniPeek Distributed Analysis Suite

The OmniPeek Distributed Analysis Suite can capture up to 64 terabytes with the Omnipliance SuperCore Network Recorder. For an unlimited amount of storage, an Omnipliance can be connected to a Storage Area Network (SAN), allowing analysis of events that occurred hours, days, weeks, or even months ago.

When searching through gigabytes or terabytes of data, these features make the difference between a quick, convenient search and a laborious, time-consuming search involving multiple tools and large transfers of data:

   * Support for frame decodes during capture
   * Support for on-the-fly capture filters
   * Support for Selected Related filters
   * Support for name table entry and aliases
   * Support for multiple simultaneous capture windows
   * Ability to sort by number of problems, top talkers, most delays, etc.
   * Ability to organize flows by application type
   * Ability to organize flows by client/server pair
   * Ability to capture from multiple simultaneous NICs
   * Ability to capture from 802.11 wireless LANs
   * Ability to store packets in a MySQL database
   * Conversation Map at the point of capture
   * Built-in Experts for recognizing security attacks such as Gin, Jolt, Land, Oversize IP, and WinNuke 

Beyond these built-in features, OmniPeek also supports an extensive API for automation and analysis. Many of these are available to maintenance customers from the MyPeek Community Portal [1].

OmniPeek analyzes data at the point of capture, and eliminates the need for large data transfers that consume time and bandwidth. By utilizing Intelligent Data Transport™, the OmniPeek Distributed Analysis Suite minimizes traffic loads on the network.

HR Compliance [2]

   * Detect and analyze violations of HR policies or industry regulations
   * Support compliance efforts for SOX, Gramm-Leach-Bliley, HIPAA, and other industry regulations
   * Collect evidence when breaches occur

Intermittent Issues [3]

   * Capture and analyze intermittent network problems
   * Troubleshoot problems that occurred hours or days ago
   * Find the patterns that ad hoc, reactive troubleshooting will miss

Security Attack Analysis [4]

   * Detect and characterize attacks—whether they’ve just begun or occurred days ago
   * Apply filters to isolate malicious behavior
   * Equip your network IT team with a powerful incident response tool

Transaction Analysis [5]

   * Create an audit trail for business transactions—not just server activity but the business transactions enacted by clients and servers
   * Troubleshoot the transaction problems that server logs miss