OmniPeek

From Forensics Wiki
Revision as of 16:59, 20 May 2009 by Butzi73 (Talk | contribs)

OmniPeek Distributed Analysis Suite [1]

The OmniPeek Distributed Analysis Suite can capture up to 64 Terabytes with the Omnipliance SuperCore Network Recorder. For an unlimited amount of storage, an Omnipliance can be connected to a Storage Area Network (SAN), making it possible to analyze events that occurred hours, days, weeks, or even months ago.

When searching through gigabytes or terabytes of data, these features make the difference between a quick, convenient search and a laborious, time-consuming search involving multiple tools and large transfers of data:

   * Support for frame decodes during capture
   * Support for on-the-fly capture filters
   * Support for Selected Related filters
   * Support for name table entry and aliases
   * Support for multiple simultaneous capture windows
   * Ability to sort by number of problems, top talkers, most delays, etc.
   * Ability to organize flows by application type
   * Ability to organize flows by client/server pair
   * Ability to capture from multiple simultaneous NICs
   * Ability to capture from 802.11 wireless LANs
   * Ability to store packets in a MySQL database
   * Conversation Map at the point of capture
   * Built-in Experts for recognizing security attacks such as Gin, Jolt, Land, Oversize IP, and WinNuke 

Beyond these built-in features, OmniPeek also supports an extensive API for automation and analysis. Many of these are available to maintenance customers from the MyPeek Community Portal [2].

OmniPeek analyzes data at the point of capture, and eliminates the need for large data transfers that consume time and bandwidth. By utilizing Intelligent Data Transport™, the OmniPeek Distributed Analysis Suite minimizes traffic loads on the network.

HR Compliance [3]

   * Detect and analyze violations of HR policies or industry regulations
   * Support compliance efforts for SOX, Gramm-Leach-Bliley, HIPAA, and other industry regulations
   * Collect evidence when breaches occur

Intermittent Issues [4]

   * Capture and analyze intermittent network problems
   * Troubleshoot problems that occurred hours or days ago
   * Find the patterns that ad hoc, reactive troubleshooting will miss

Security Attack Analysis [5]

   * Detect and characterize attacks—whether they’ve just begun or occurred days ago
   * Apply filters to isolate malicious behavior
   * Equip your network IT team with a powerful incident response tool

Transaction Analysis [6]

   * Create an audit trail for business transactions—not just server activity but the business transactions enacted by clients and servers
   * Troubleshoot the transaction problems that server logs miss