Difference between revisions of "OmniPeek"

From Forensics Wiki
(Edited marketing style text into encyclopedia format)
 
(One intermediate revision by one user not shown)
Line 1: Line 1:
OmniPeek Distributed Analysis Suite
+
The '''OmniPeek Distributed Analysis Suite''' is a set of tools by [[WildPackets]] to collect and analyze network traffic. Designed to process large amounts of data, the tools provide a number of mechanisms to search and identify items of interest. These features include frame decoding, on-the-fly capture filters, filters to identify related items, aliases, multiple simulatenous capture windows, and more. Captured data can be stored in a MySQL database if desired.
  
The OmniPeek Distributed Analysis Suite can capture up to 64 Terabytes with the Omnipliance SuperCore Network Recorder. For an unlimited amount of storage, an Omnipliance can be connected to a Storage Area Network (SAN) and analyze events that occurred hours, days, weeks, or even months ago.  
+
The suite contains an API for automation and analysis.
  
When searching through gigabytes or terabytes of data, these features make the difference between a quick, convenient search and a laborious, time-consuming search involving multiple tools and large transfers of data:
+
Other features are designed to be compliant with United States legal frameworks such as Sarbanes Oxley and HIPAA.
  
    * Support for frame decodes during capture
+
== External Links ==
    * Support for on-the-fly capture filters
+
* [http://www.wildpackets.com/ Official web site]
    * Support for Selected Related filters
+
    * Support for name table entry and aliases
+
    * Support for multiple simultaneous capture windows
+
    * Ability to sort by number of problems, top talkers, most delays, etc.
+
    * Ability to organize flows by application type
+
    * Ability to organize flows by client/server pair
+
    * Ability to capture from multiple simultaneous NICs
+
    * Ability to capture from 802.11 wireless LANs
+
    * Ability to store packets in a MySQL database
+
    * Conversation Map at the point of capture
+
    * Built-in Experts for recognizing security attacks such as Gin, Jolt, Land, Oversize IP, and WinNuke
+
 
+
Beyond these built-in features, OmniPeek also supports an extensive API for automation and analysis.  Many of these are available to maintenance customers from the MyPeek Community Portal [https://mypeek.wildpackets.com/welcome.php].
+
 
+
OmniPeek analyzes data at the point of capture, and eliminates the need for large data transfers that consume time and bandwidth. By utilizing Intelligent Data Transport™, the OmniPeek Distributed Analysis Suite minimizes traffic loads on the network.
+
 
+
'''HR Compliance''' [http://www.wildpackets.com/solutions/it_solutions/network_forensics/hr_compliance]
+
 
+
    * Detect and analyze violations of HR policies or industry regulations
+
    * Support compliance efforts for SOX, Gramm-Leach-Bliley, HIPAA, and other industry regulations
+
    * Collect evidence when breaches occur
+
 
+
'''Intermittent Issues''' [http://www.wildpackets.com/solutions/it_solutions/network_forensics/intermittent_issues]
+
 
+
    * Capture and analyze intermittent network problems
+
    * Troubleshoot problems that occurred hours or days ago
+
    * Find the patterns that ad hoc, reactive troubleshooting will miss
+
 
+
'''Security Attack Analysis''' [http://www.wildpackets.com/solutions/it_solutions/network_forensics/security_attack_analysis]
+
 
+
    * Detect and characterize attacks—whether they’ve just begun or occurred days ago
+
    * Apply filters to isolate malicious behavior
+
    * Equip your network IT team with a powerful incident response tool
+
 
+
'''Transaction Analysis''' [http://www.wildpackets.com/solutions/it_solutions/network_forensics/transaction_analysis]
+
 
+
    * Create an audit trail for business transactions—not just server activity but the business transactions enacted by clients and servers
+
    * Troubleshoot the transaction problems that server logs miss
+
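Review bot: "simulatenous" in the new opening paragraph is misspelled and should read "simultaneous". The rewrite also drops specifics from the old feature list that an examiner would look for when evaluating the tool: capture from multiple NICs and from 802.11 wireless LANs, the 64 Terabyte capture figure, and the built-in Experts for Gin, Jolt, Land, Oversize IP and WinNuke; consider keeping these as a short neutral list. The new sentence "designed to be compliant with United States legal frameworks" says more than the old text did, which only claimed to "support compliance efforts" for SOX, Gramm-Leach-Bliley and HIPAA, so wording closer to the original claim would be safer.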

Latest revision as of 11:47, 22 May 2009

The OmniPeek Distributed Analysis Suite is a set of tools by WildPackets to collect and analyze network traffic. Designed to process large amounts of data, the tools provide a number of mechanisms to search and identify items of interest. These features include frame decoding, on-the-fly capture filters, filters to identify related items, aliases, multiple simultaneous capture windows, and more. Captured data can be stored in a MySQL database if desired.

The suite contains an API for automation and analysis.

Other features are designed to be compliant with United States legal frameworks such as Sarbanes-Oxley and HIPAA.

External Links