
Wired and Wireless Network Forensics


DESCRIPTION

Think network forensics is just for security? Not with today’s 10G (and tomorrow’s 40G/100G) traffic, not to mention new 802.11ac wireless networks with multi-gigabit data rates. Data is traversing these networks so quickly that detailed, real-time analysis is at best a challenge. Network forensics provides key real-time statistics while saving a complete, packet-level recording of all network activity. You don’t need to worry about capturing the problem – your network forensics solution already has, allowing you to go back in time and analyze any network, application, or security condition.


Page 1: Wired and Wireless Network Forensics

www.wildpackets.com © WildPackets, Inc.

Show us your tweets! Use today’s webinar hashtag: #wp_networkforensics with any questions, comments, or feedback.
Follow us @wildpackets

Jay Botelho
Director of Product Management
WildPackets
[email protected]
Follow me @jaybotelho

Network Forensics for Wired and Wireless Networks

Page 2: Wired and Wireless Network Forensics

© WildPackets, Inc. #wp_forensics Network Forensics for Wired and Wireless Networks

Administration

• All callers are on mute
  ‒ If you have problems, please let us know via the Chat window
• There will be Q&A
  ‒ Feel free to type a question at any time
• Slides and recording will be available
  ‒ Notification within 48 hours via a follow-up email

Page 3: Wired and Wireless Network Forensics


Agenda

• What Is Network Forensics?

• Myths/Realities in Network Forensics

• Configuring Your Network for Forensics

• Wired vs. Wireless Network Forensics

• Use Cases

• Performing Forensic Analysis

• WildPackets Corporate Overview

• WildPackets Product Line Overview


Page 4: Wired and Wireless Network Forensics


What Is Network Forensics?


Page 5: Wired and Wireless Network Forensics


What Is Network Forensics?

• Marcus Ranum is credited with defining Network Forensics as “the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents.” (Wikipedia)
• It’s not like TV – employ forensics before the “crime” - network traffic is transmitted and then lost, leaving no clues behind
• Other names: packet mining, packet forensics, digital forensics

Page 6: Wired and Wireless Network Forensics


What Purpose Does It Serve?

• Allows us to find the details of network events after they have happened
• Eliminates the need to reproduce network problems
• Distill data to manageable levels by employing filters and analysis

Page 7: Wired and Wireless Network Forensics


Network vs. Security Forensics

• Network forensics is a superset of security forensics
• Forensics is not just DPI (Deep Packet Inspection)
• Requires the lossless capture, storage, and analysis of extremely large data volumes
• Network forensics: enterprise vs. lawful intercept
  ‒ Concerned with the process of reconstructing a network event
    • Network or infrastructure outage
    • Intrusion such as a “hack” or other penetration
  ‒ Provides a recording of the actual incident
• Based on live IP packet data captures
  ‒ A new way of looking at trace file analysis
  ‒ Continues from where traditional network troubleshooting ends

Page 8: Wired and Wireless Network Forensics


Network Forensics Drivers

• Faster networks/greater data volumes
  ‒ 10/40G adoption grew 62% in 2012
  ‒ 75% of the investments in networking are for 10G [1]
• Richer data
• Subtler and more malicious security threats
  ‒ Zero-day attacks
  ‒ APTs (Advanced Persistent Threats)
  ‒ 75% of data breaches financially motivated
  ‒ 66% of breaches took months or longer to discover [2]
• Sampled data and high-level stats
  ‒ Flow-based network monitoring vs. detailed DPI analysis

[1] http://www.infonetics.com/pr/2013/2H12-Networking-Ports-Market-Highlights.asp
[2] http://www.verizonenterprise.com/resources/reports/rp_data-breach-investigations-report-2013_en_xg.pdf

Page 9: Wired and Wireless Network Forensics


Why Forensics?

• Validate what your logs are telling you
• Generate alarms/alerts on data you’ll never find in logs
• Invest time analyzing, not reproducing
• Immediately begin investigating the issue – you have a recording of the incident!
• Isolate key data – from multi-TB archives - rapidly and intuitively
• Understand the depth of penetration for any incident

Page 10: Wired and Wireless Network Forensics


Myths/Realities in Network Forensics

Page 11: Wired and Wireless Network Forensics


Network Forensics

• 85%: The number of respondents that feel network forensics is a necessity at 10G
• 31%: The number who are using network forensics at 10G

The State of Faster Networks, WildPackets, Oct 2013

Page 12: Wired and Wireless Network Forensics


Network Forensics Usage

[Chart: network forensics usage. Categories: for security purposes; for monitoring intermittent network issues; for monitoring intermittent application issues; for 24/7 transaction analysis. Values shown: 28%, 36%, 24%, 12%.]

The State of Faster Networks, WildPackets, Oct 2013

Page 13: Wired and Wireless Network Forensics


Challenges with Network Forensics


The State of Faster Networks, WildPackets, Oct 2013

Page 14: Wired and Wireless Network Forensics


10G – Driving Network Forensics Usage


The State of Faster Networks, WildPackets, Oct 2013

100 Participants
• Company size: 43% - Large organizations, 26% - Medium, 31% - Small
• Functional breakdown: 84% - Network Engineer, 15% - IT Director, 1% - Executive

Page 15: Wired and Wireless Network Forensics


10G – Driving Network Forensics Usage


The State of Faster Networks, WildPackets, Oct 2013

Page 16: Wired and Wireless Network Forensics


The Implications of Doing Nothing

• 64% of organizations reported that managing network performance has become more complex over the last 12 months
• Organizations are losing on average $72,000 per minute of unplanned network downtime
• 48% of organizations reported that, on average, they spend more than 60 minutes on repairing performance issues - per incident

Page 17: Wired and Wireless Network Forensics


Configuring Your Network for Forensics

Page 18: Wired and Wireless Network Forensics


Requirements for a Network Forensics Solution

• Capturing and recording data
  ‒ 10/40G network support
  ‒ No dropped packets – 100% fidelity
  ‒ Continuously available
  ‒ Always test in your environment
• Discovering data
  ‒ Timely results delivery
  ‒ Filtering for IP addresses, applications, etc.
• Analyzing data
  ‒ Automated analysis – Expert events
  ‒ Simple, intuitive workflow
  ‒ Data visualization from multiple perspectives

Page 19: Wired and Wireless Network Forensics


10G Network Analysis Workflow

[Workflow diagram. Boxes: Identify Key Analysis Pts; Deploy 24x7 Monitoring; Alarms/Alerts; Problem? (NO/YES); Rewind Data; Analyze; Tune if Necessary]

Page 20: Wired and Wireless Network Forensics


A Solution for Every Network


Page 21: Wired and Wireless Network Forensics


Data Capture from High-Speed Links

Page 22: Wired and Wireless Network Forensics


Forensic Analysis – Capturing An Attack

1. Attack bypasses firewall
2. Data Recorder records and aggregates data throughout attack
3. Event logged, attack partially tracked by IDS
4. Post event analysis reveals attacker, method, damage!

[Diagram labels: IDS/IPS System; Servers]

Page 23: Wired and Wireless Network Forensics


10G Network Data Storage

• 1Gbps steady-state traffic assuming no storage overhead:
  ‒ 7.68 GB/min
  ‒ 460 GB/hr
  ‒ 11 TB/day
  ‒ 2.9 days in a 32TB appliance
• 10Gbps:
  ‒ 76.8 GB/min
  ‒ 4.6 TB/hr
  ‒ 110 TB/day
  ‒ 28 hours in a 128TB appliance
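The storage arithmetic on this slide, generalized into a retention planner as an added example (not WildPackets code and not part of the deck). It reproduces the slide's figures, then relaxes the "no storage overhead" assumption and derives ring-buffer file counts; the function names, the classic-pcap on-disk format, the file size and the constructed scenario are assumptions.

```python
"""Retention planner for a continuous packet-capture ring buffer (added example)."""
from dataclasses import dataclass

# The slide's 7.68 GB/min at 1 Gbps corresponds to 128 MB/s per Gbps
# (1 Gbps counted as 1024 Mbps); strict SI, 125 MB/s per Gbps, gives 7.5 GB/min.
SLIDE_MB_S_PER_GBPS = 128.0
SI_MB_S_PER_GBPS = 125.0
PCAP_RECORD_HEADER = 16  # bytes added per packet by the classic pcap file format


def pcap_overhead(avg_packet_bytes):
    """Overhead fraction when packets are stored as classic pcap records.

    Assumption: the deck does not state the appliance's on-disk format.
    """
    if avg_packet_bytes <= 0:
        raise ValueError("average packet size must be positive")
    return PCAP_RECORD_HEADER / avg_packet_bytes


@dataclass(frozen=True)
class CapturePlan:
    gb_per_min: float
    gb_per_hr: float
    tb_per_day: float
    retention_hours: float   # how far back the recording reaches
    ring_files: int          # files in the ring before the oldest is overwritten
    seconds_per_file: float  # traffic time covered by one file


def plan_capture(link_gbps, storage_tb, *, utilization=1.0, overhead=0.0,
                 file_gb=1.0, mb_s_per_gbps=SLIDE_MB_S_PER_GBPS):
    """Size a ring buffer. Units are decimal: 1 GB = 1000 MB, 1 TB = 1000 GB."""
    if link_gbps <= 0 or storage_tb <= 0 or file_gb <= 0:
        raise ValueError("link rate, storage and file size must be positive")
    if not 0 < utilization <= 1:
        raise ValueError("utilization must be in (0, 1]")
    if overhead < 0:
        raise ValueError("overhead cannot be negative")
    mb_per_s = link_gbps * utilization * mb_s_per_gbps * (1 + overhead)
    gb_per_hr = mb_per_s * 3600 / 1000
    return CapturePlan(
        gb_per_min=mb_per_s * 60 / 1000,
        gb_per_hr=gb_per_hr,
        tb_per_day=gb_per_hr * 24 / 1000,
        retention_hours=storage_tb * 1000 / gb_per_hr,
        ring_files=int(storage_tb * 1000 // file_gb),
        seconds_per_file=file_gb * 1000 / mb_per_s,
    )


def storage_needed_tb(link_gbps, days, **kwargs):
    """Storage required to keep `days` of traffic at the given rate."""
    per_day = plan_capture(link_gbps, 1.0, **kwargs).tb_per_day
    return per_day * days


if __name__ == "__main__":
    for gbps, tb in ((1, 32), (10, 128)):
        p = plan_capture(gbps, tb)
        print(f"{gbps:>2} Gbps / {tb} TB: {p.gb_per_min:.2f} GB/min, "
              f"{p.tb_per_day:.1f} TB/day, {p.retention_hours:.1f} h retained")
    # Constructed scenario: 10 Gbps at 40% utilization, 512-byte average packets.
    p = plan_capture(10, 128, utilization=0.4, overhead=pcap_overhead(512))
    print(f"40% load with pcap overhead: {p.retention_hours:.1f} h retained")
    print(f"30 days at 10 Gbps line rate: {storage_needed_tb(10, 30):.0f} TB")
```

Line-rate retention is the floor, not the expectation: the same 128TB holds more history at partial utilization and less once per-packet record headers are counted, and `seconds_per_file` shows how the file size sets the granularity at which old traffic is overwritten.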

Page 24: Wired and Wireless Network Forensics


Wired vs. Wireless Network Forensics

Page 25: Wired and Wireless Network Forensics


802.11ac – Breaking the Gigabit Barrier

• <1 Mbps: Proprietary
• 1-2 Mbps: 802.11 1997 (100%)
• 11 Mbps: 802.11b (550%)
• 54 Mbps: 802.11g/a (490%)
• 300/450/600 Mbps: 802.11n (833%)
• 433/866/1300+ Mbps (to 6.93 Gbps): 802.11ac (288% vs. 450)

Timeline axis: 1989, 1991, 1999, 2003, 2009, 2013

Gratuitous clipart - Please ignore

Source: Farpoint Group

Page 26: Wired and Wireless Network Forensics


Page 27: Wired and Wireless Network Forensics


Additional Drivers for Wireless Forensics

• BYOD
  ‒ No configuration control
  ‒ Limited or no access to the end-user device
  ‒ Problems reported “after the fact”
• Point-of-Presence required
  ‒ Wireless data must be captured within a few hundred feet of the device
  ‒ Vastly more collection points than for wired forensics
• Data volumes that rival wired data
  ‒ 1.3Gbps will be common with 802.11ac
  ‒ Mobile devices outnumbering wired devices

Page 28: Wired and Wireless Network Forensics


Wireless Forensics Solution

• As wireless approaches wired speeds, it’s time to start relying on the wire
• Distributed analysis using deployed assets – APs – is the only effective solution as wireless speeds grow
• 24/7 capture/analysis ensures problems aren’t missed
• Recording enables wireless forensic analysis

Page 29: Wired and Wireless Network Forensics


Wireless Forensics Benefits

• Reduce MTTR
  ‒ No need to reproduce a problem
  ‒ No need to wait for it to happen again
• Increase WLAN service uptime
  ‒ WLANs are now mission-critical
  ‒ Mobility implies you won’t be near the problem
• Prioritize analysis tasks
  ‒ Deal with emergencies immediately
  ‒ Handle routine investigations as time permits
  ‒ Save data for long-term analysis
• Reduce reaction time
  ‒ Data are always available for analysis
• Reduce analysis costs
  ‒ A single solution for wireless and wired analysis

Page 30: Wired and Wireless Network Forensics


Use Cases

Page 31: Wired and Wireless Network Forensics


Use Cases for Network Forensics

• Finding proof of a security attack
• Troubleshooting intermittent performance issues
• Monitoring user activity for compliance with IT and HR policies
• Identifying the source of data leaks
• Monitoring business transactions
• Verifying VoIP and video over IP performance

Page 32: Wired and Wireless Network Forensics


Best Practices for Network Forensics

Capturing Network Traffic

1. Capture traffic continuously
2. Deploy a solution that captures traffic reliably
3. Set up filters to catch anomalies

Storing Traffic

4. Allocate sufficient storage for the volume of data being collected
5. Adjust file sizes for the desired performance optimization

Page 33: Wired and Wireless Network Forensics


Best Practices for Network Forensics (cont.)

Analyzing Traffic

6. Select a network forensics solution that supports filters and searches that are fast, flexible, and precise
7. Record baseline measurements of network performance
8. Use filters to zoom in on the problem at hand

Page 34: Wired and Wireless Network Forensics


Performing Forensic Analysis

Page 35: Wired and Wireless Network Forensics


WildPackets – The Network Forensics Myth Buster


Myth Busted

Can’t analyze at 10G line rate

Dropped packets

Captured data is not reliable

Inability to collect packets at all network locations

Inadequate real-time stats

Real-time analysis no longer an option

Limited visibility into VoIP

Inability to analyze/search recorded traffic

No end-to-end visibility into application transactions

Limitations in security monitoring

Page 36: Wired and Wireless Network Forensics


Q&A

Show us your tweets! Use today’s webinar hashtag: #wp_forensics with any questions, comments, or feedback.
Follow us @wildpackets

Follow us on SlideShare! Check out today’s slides on SlideShare: www.slideshare.net/wildpackets

Page 37: Wired and Wireless Network Forensics


WildPackets Corporate Overview

Optimizing Network and Application Performance

Page 38: Wired and Wireless Network Forensics


Corporate Background

• Experts in network monitoring, analysis, and troubleshooting
  ‒ Founded: 1990 / Headquarters: Walnut Creek, CA
  ‒ Offices throughout the US, EMEA, and APAC
• Customers spanning leading edge organizations
  ‒ Mid-market and enterprise lines of business
  ‒ Financial, manufacturing, ISPs, major federal agencies, state and local governments, universities
  ‒ Over 7,000 customers / 60+ countries / 80% of Fortune 1,000
• Award-winning solutions that improve network performance
  ‒ Internet Telephony, Network Magazine, Network Computing awards
  ‒ United States Patent 5,787,253 issued July 28, 1998
    • “Apparatus and Method of Analyzing Internet Activity”

Page 39: Wired and Wireless Network Forensics


Why Our Customers Need Us

• VoIP, video, cloud, virtualization, and key business applications are saturating critical network services
• Evolving network technologies create discontinuities
  ‒ 1 Gig → 10 Gig → 40 Gig → 100 Gig networks
  ‒ Wireless, BYOD initiatives
• Users and business cannot tolerate network problems for mission critical services

Increasing demand for better real-time network visibility, network analytics, network forensics, and DPI

Page 40: Wired and Wireless Network Forensics


How We Create Value

We provide innovative, industry-leading, real-time network performance management solutions
  ‒ Easy-to-use, easy-to-learn user interface
  ‒ Uniquely extensible solutions
  ‒ Wireless network leadership
  ‒ Detailed analytics related to network applications
  ‒ Fastest network traffic capture appliance in its class
  ‒ Technical superiority at competitive price point

WildPackets has continually advanced its solution to meet the needs of its customers

Page 41: Wired and Wireless Network Forensics


Unprecedented Network Visibility

ROOT-CAUSE ANALYSIS
OmniPeek network analyzer performs deep packet inspection and can reconstruct all network activity, including e-mail and IM, as well as analyze VoIP and video traffic quality.

PINPOINT NETWORK ISSUES ANYWHERE
Omnipliance Portable can rapidly identify and troubleshoot issues before they become major problems—wired or wireless—down the hall or across the globe.

UNDERSTAND END-USER PERFORMANCE
Omnipliance network analysis and recorder appliances monitor and analyze performance across critical network segments, virtual environments, and remote sites.

NETWORK HEALTH
WatchPoint can manage and report on key device performance and availability across the entire network, from anywhere on the network.

[Diagram labels: GLOBAL, DISTRIBUTED, PORTABLE, DPI]

Page 42: Wired and Wireless Network Forensics


A History of Innovation

2001
• First 802.11 wireless analyzer
• First network analyzer with automated expert analysis

2003
• Distributed real-time troubleshooting

2005
• Combined distributed network and VoIP network analysis

2008
• Enterprise-wide Monitoring and Reporting

2009
• Innovative dashboard with drill-down for VoIP and video

2010
• First to achieve 11 Gbps sustained capture-to-disk

2011
• Total visibility with zero packet loss
• First wireless network analyzer to support capture and analysis of 802.11n 3-stream wireless

2012
• Capture, record, and analyze from 40G network segments
• First wireless network analyzer to support 802.11ac, k, r, u, v, w

2013
• Industry leading network analysis and recorder appliances

Page 43: Wired and Wireless Network Forensics


Product Line Overview

Page 44: Wired and Wireless Network Forensics


Omni Distributed Analysis Platform

OmniPeek Enterprise Packet Capture, Decode and Analysis

• Ethernet, 1/10 Gigabit, 802.11, and voice and video over IP

• Portable capture and OmniEngine console

• Aggregate analysis data across multiple capture points

Omnipliance Network Analysis and Recorder Appliances

• High-performance packet capture and real-time analysis

• Stream-to-disk for forensics analysis

• Integrated OmniAdapter network analysis cards up to 40G

WatchPoint Centralized Enterprise Network Monitoring Appliance

• Aggregation and graphical display of network data

• WildPackets OmniEngines

• NetFlow and sFlow

Page 45: Wired and Wireless Network Forensics


Omni Distributed Analysis Platform Software and Turnkey Solutions

• Enterprise monitoring and reporting

‒ WatchPoint Server

‒ OmniFlow, NetFlow, and sFlow Collectors

• Network Analysis and Recorder Appliances

‒ Omnipliance CX, MX, TL

‒ Optional OmniStorage

‒ OmniAdapter analysis cards

• Distributed analysis software

‒ OmniPeek – Enterprise, Professional, Basic, Connect

‒ OmniPeek Remote Assistant

‒ OmniEngine Enterprise

• Portable solutions

‒ OmniPeek network analyzer

‒ Omnipliance Portable

Page 46: Wired and Wireless Network Forensics


OmniPeek Network Analyzer

• Distributed analysis manager
  – Connect to and configure distributed OmniEngines and Omnipliances,
• Comprehensive dashboards present network traffic in real-time
  – Vital statistics and graphs display trends on network and application performance
  – Visual peer-map shows conversations and protocols
  – Intuitive drill-down for root-cause analysis of performance bottlenecks
• Visual Expert diagnosis speeds problem resolution
  – Packet and payload visualizers provide business-centric views
• Automated analytics and problem detection 24/7
  – Easily create filters, triggers, scripting, advanced alarms, and alerts

Page 47: Wired and Wireless Network Forensics


OmniPeek Remote Assistant Distributed, End-user Packet Capture Made Simple

• Simple to deploy, simple to use
  ‒ Remote push, download from server, or even email
  ‒ Simple user interface - eliminates confusion for end user
  ‒ Full fidelity capture - see exactly what the PC sees
  ‒ Wired or wireless
• Encrypted file
  ‒ Only the analyst can open it
  ‒ Different encryption keys for different locations or customers
• Detailed client-side/end-user experience analysis
• Perfect for Tech Support or IT Desktop support

Trouble call from remote site - network response is slow.

User downloads and installs OmniPeek Remote. Encrypted capture data sent back for analysis.

Network analyst uses OmniPeek Enterprise to quickly troubleshoot problem without leaving the office.

Page 48: Wired and Wireless Network Forensics


OmniWiFi USB WLAN Capture Adapter

• A single device for all WLAN packet capture needs

• Driver included with Omni v7.9 CDs

• Tested and supported with OmniPeek and OmniEngine

• Product features:

• USB device with extension cable

• Dual band operation – 2.4GHz and 5GHz

• Supports all standard international 802.11 channels (a/b/g/n)

• Supports 802.11n - 3 transmit/receive streams (450Mbps)

• Supports 802.11n 20MHz and 40MHz channel operation

• Supports multi-channel aggregation and roaming

• Technical Details:

‒ Size (LWH): 6 inches, 1.5 inches, 5.5 inches

‒ Weight: 5.6 ounces

• Available via Amazon - $99/each

NOTE:

• Capture ONLY – no network services

• Does not capture 802.11ac

Page 49: Wired and Wireless Network Forensics


New Network Analysis and Recorder Appliances

Powerful / Precise / Affordable

The new family of WildPackets Network Analysis and Recorder appliances gives IT organizations powerful and precise analysis of high-speed networks in an affordable solution with half the hardware footprint of rival offerings.

Page 50: Wired and Wireless Network Forensics


Powerful
  ‒ Fastest network recorder in its class! Captures traffic up to 20Gbps of real-world traffic (all size packet distribution)
  ‒ Scales up to 128 TB of storage
  ‒ Provides simultaneous real-time analysis and a comprehensive Forensic Search that rapidly searches through terabytes of captured traffic for the details relevant to an investigation

Precise
  ‒ Captures complete network traffic, so you can analyze everything, not just samples or high-level statistics
  ‒ Doesn’t drop packets or sacrifice accuracy for speed
  ‒ Supports rich, detailed analysis, including VoIP and video-over-IP traffic

Affordable
  ‒ Delivers outstanding price/performance (lower price; half the rack space)
  ‒ Allows mix of 1G/10G/40G interfaces without buying extra appliances
  ‒ Solutions start at $16,995

Your network is bigger and faster. Now your analysis solution is, too.

Page 51: Wired and Wireless Network Forensics


Omnipliance TL Industry Leading Network Analysis and Recorder Appliance

• Sets a new standard in capture-to-disk speeds
  ‒ 20Gbps sustained capture to disk rate with zero packet drop
• Best price/performance Network Analysis Appliance in the market
  ‒ 20Gbps with only one Omnipliance TL + OmniStorage
  ‒ Consuming less rack space, less cooling, less electrical power
• Most flexible network interface offering
  ‒ 1G/10G/40G interfaces supported in a single unit eliminates additional unit requirement
• Most accurate real-time analytics
  ‒ Packet-based processing and analysis vs. inaccurate sample-based calculation

Page 52: Wired and Wireless Network Forensics


WildPackets Network Analysis Recorder Appliances Price/Performance Solutions for Every Application

• Portable: Ruggedized, Troubleshooting
  ‒ Aluminum chassis / 17” LCD
  ‒ 24GB RAM
  ‒ 2 PCI-E Slots
  ‒ 2 Built-in Ethernet Ports
  ‒ 6TB Storage
  ‒ OmniAdapter 1G and 10G
  ‒ 6.5Gbps CTD
• Omnipliance CX: Less Demanding Networks, Remote Offices
  ‒ 1U rack mountable chassis
  ‒ 16GB RAM
  ‒ 2 PCI-E Slots
  ‒ 2 Built-in Ethernet Ports
  ‒ 4/8/16TB Storage
  ‒ OmniAdapter 1G/10G MX
  ‒ 3.8Gbps CTD
• Omnipliance MX: Datacenter Workhorse, Easily Expandable
  ‒ 3U rack mountable chassis
  ‒ 32GB RAM
  ‒ 4 PCI-E Slots
  ‒ 2 Built-in Ethernet Ports
  ‒ 16/32TB Storage
  ‒ OmniAdapter 1G/10G MX
  ‒ 8.8Gbps CTD
• Omnipliance TL: Enterprise, Highly-Utilized Networks
  ‒ 3U rack mountable chassis
  ‒ 64GB RAM
  ‒ 4 PCI-E Slots
  ‒ 2 Built-in Ethernet Ports
  ‒ 32/48/64TB Storage
  ‒ Optional OmniStorage: 32/48/64TB, up to 128TB total Storage
  ‒ OmniAdapter 1G/10G/40G
  ‒ 20Gbps CTD with OmniStorage

Page 53: Wired and Wireless Network Forensics


WatchPoint Centralized Monitoring for Distributed Enterprise Networks

• High-level, aggregated view of all network segments
  – Monitor per campus, per region, per country
• Wide range of network data
  – NetFlow, sFlow, OmniFlow
• Web-based, customizable network dashboards
• Flexible detailed reports
• Direct link to detailed, packet-based analysis

Page 54: Wired and Wireless Network Forensics


Comprehensive Support and Services

Standard Support

Maintenance and upgrades

Telephone and email contacts

Knowledgebase

MyPeek Portal

Premier Support

24 x 7 x 365

Dedicated escalation manager

2 customer contacts per site

Plug-in reconfiguration assistance

WildPackets Training Academy

Public, web-based, and on-site classes

Complete curriculum: technology and product focused

Practical applications and labs covering network analysis, wireless, VoIP monitoring and advanced troubleshooting

Consulting and Custom Development Services

Deployment, configuration, and assessment engagement

Systems integration and testing

Application integration, driver, decode, interface development

Page 55: Wired and Wireless Network Forensics


WildPackets Key Differentiators

• Visual Expert intelligence with intuitive drill-down
  – Let computer do the hard work, and return results, real-time
  – Packet/payload visualization is faster than packet-per-packet diagnostics
  – Experts and analytics can be memorized and automated
• Automated capture analytics
  – Filters, triggers, scripting, and advanced alarming system combine to provide automated network problem detection 24x7
• Multiple issue network forensics
  – Can be tracked by one or more people simultaneously
  – Real-time or post capture
• User-extensible platform
  – Plug-in architecture and SDK
• Aggregated network views and reporting
  – NetFlow, sFlow, and OmniFlow

Page 56: Wired and Wireless Network Forensics


24x7 Network Monitoring, Analysis, and Troubleshooting

Page 57: Wired and Wireless Network Forensics


Thank You!

WildPackets, Inc.

1340 Treat Boulevard, Suite 500

Walnut Creek, CA 94597

(925) 937-3200