Savvius Raises Bar for Network Forensics Software with Omnipeek 10

Savvius Omnipeek®, best-in-class software for network analytics and performance diagnostics, adds advanced capabilities for security investigations


WALNUT CREEK, CA--(Marketwired - Nov 1, 2016) - Savvius™, Inc., leader in network analytics for performance diagnostics and security investigations, today announced a major upgrade to Omnipeek®, its best-in-class software for network performance diagnostics and troubleshooting, and now with version 10, security investigations. Omnipeek 10 dramatically streamlines network troubleshooting and security investigations using powerful packet data analytics and visualizations that can be adapted to any workflow. Omnipeek network forensics software provides network engineers and security analysts a one-stop solution to ensure that network and network-related security issues can be found and dealt with quickly and effectively.

"Increasingly, security analysts are turning to packet data for fast, accurate investigations," said Jay Botelho, Director of Products, Savvius. "Traditional packet data software is awkward and time-consuming in a security investigation. Omnipeek 10 is the first network forensics software that gives both network and security professionals access to just the specific data they need."

Omnipeek 10 gives users the ability to manage packet analysis through a single, streamlined user interface that can now include security alerts from popular open-source IDS platforms such as Snort and Suricata. By highlighting packet data corresponding to these alerts, Omnipeek 10 makes possible immediate, detailed analysis of suspected breaches. Both network and security professionals will appreciate Omnipeek 10's ability to open multiple large capture files simultaneously by filtering the packet files before they are loaded and analyzed. This greatly reduces file size and helps to speed up response times.

Another advanced feature of interest to both network and security professionals in Omnipeek 10 is a Files View that reconstructs files transmitted via HTTP, allowing analysts to see exactly what files were transferred at a particular time between every user on the network. Users can search assembled packet payloads for any string, filter data by country, add as many custom decode columns as they require, and perform fast forensics searches.

New and Updated Features in Omnipeek 10:

  • View File Content - Reconstructs files by extracting data from reassembled HTTP payloads. This is performed automatically when a packet file is opened, and provides critical information about file content.
  • Security Events from Snort and Suricata - Ability to import analytical results from Snort and Suricata, and overlay the resulting security alerts against the packet data for immediate, detailed analysis of any suspected breaches.
  • Investigation Overview - Provides summary level information about the entire packet file under analysis, enabling a rapid transition to any time segment.
  • Savvius Omnipliance Status - Notifies administrators immediately, via syslog and/or email, if a Savvius Omnipliance drive goes down or a network capture stops.
  • Customize Packet Decode Views - Creates unique packet decode columns based on any information within packets, making it easy to find and compare packets that contain elements under investigation.
  • Filter Files to Maximize Computing Bandwidth - Filters packet files before loading packets for analysis, using parameters such as IP addresses and/or port ranges, significantly increasing analysis performance on computers with limited resources.
  • Faster Forensic Searches - Significantly increases the speed of packet data retrieval from disk, making post-capture analysis much more efficient.

Availability:
Omnipeek 10 is available for purchase and as an upgrade to previous versions of Omnipeek, Capture Engine for Savvius Omnipeek, and Savvius Omnipliances. There are several versions, including Omnipeek Enterprise, Omnipeek Professional, Omnipeek Connect and Capture Engine for Savvius Omnipeek. For notifications, please subscribe to the Savvius blog.

About Omnipeek
Omnipeek serves a dual role as both a portable network and security analysis solution that runs under Windows and the software running on and providing access to Savvius Omnipliances. Omnipeek offers an intuitive, easy-to-use graphical interface that IT managers, network engineers, and security analysts can use to rapidly analyze and troubleshoot local and remote wired and wireless networks of all speeds. Omnipeek provides a powerful visualization of network conditions to enable in-depth analysis of traffic from multiple network segments to pinpoint problems in real time. For more information about Omnipeek, visit: https://www.savvius.com/products/network_visibility_performance_diagnostics/omnipeek_family

About Savvius, Inc.
Savvius offers a range of powerful software and appliance products that automate the collection of critical network data for network forensics in security investigations and for network and application visibility and performance diagnostics. Savvius products are trusted by network and security professionals at over 6,000 companies in 60 countries around the world. Visit http://www.savvius.com/ for information about Savvius Omnipliance®, Savvius Omnipeek®, Savvius Vigil™, and Savvius Insight™, and to learn about Savvius technology and channel partners.

Contact Information:

Media Contacts
Savvius North America:
Mark Chisholm
+1-253-444-5477


Savvius Europe:
Susie Taylor
+44-788-608-9041