ARTICLE

NetWitness Investigator Free edition v8.6 : the tactical network analyzer

Wednesday 19 November 2008

Investigator provides security operations staff, auditors, and fraud and forensics investigators the power to perform unprecedented free-form contextual analysis of raw network data captured and reconstructed by the NetWitness NextGen infrastructure. Developed originally for the U.S. Intelligence Community, and now used extensively by Law Enforcement, Defense, and other public and private organizations, Investigator is based upon 10 years of development and deployment in some of the most demanding and complex threat environments.

Features

- NEW! SSL Decryption (with server certificate)
- NEW! Interactive time charts, and summary view
- NEW! Interactive packet view and decode
- NEW! Hash Pcap on Export
- NEW! Enhanced content views
- Real-time, Patented Layer 7 Analytics
- Effectively analyze data starting from application layer entities like users, email, address, files , and actions.
- Infinite, free-form analysis paths
- Content starting points
- Patented port agnostic service identification
- Extensive network and application layer filtering (e.g. MAC, IP, User, Keywords, Etc.)
- IPv6 support
- Captures live from any wired or wireless interface
- Full content search, with Regex support
- Exports data in .pcap format
- Imports packets from any open-source, home-grown and commercial packet capture system(e.g. .pcap file import)
- Bookmarking & History Tracking
- Integrated GeoIP for resolving IP addresses to city/county, supporting Google Earth visualization


POSTSCRIPTUM

Download Free Edition


RELATED ARTICLES

Data Mining, Forensics, NetWitness Investigator, Visualization,

19 November 2008 : NetWitness Investigator Free edition v8.6 : the tactical network analyzer