Net/FSE, the Network Forensic Search Engine
Packet Analytics' Net/FSE, the network forensic search engine, is the first commercial solution available to network security analysts that is built from the ground up to make network event analysis operations cost-effective, faster and more efficient. Net/FSE, available as a free download, brings together event data from network devices and gives security analysts the ability to correlate and analyze billions of events in real time.
Net/FSE gives the security team the ability to collect any type of network event data, including flow data (unlike many SIM and log management solutions) that can be generated by almost every enterprise network router and is essentially a free resource of forensic information. Other valuable information sources for Net/FSE include alerts from IDS, IPS, SIM and NBA, firewall logs, web server logs, authentication logs and database server access logs.
SIMs and log management solutions have partially addressed the needs of network security analysts, but such systems are not built to provide analysis capabilities for alert analysis, in-depth network forensics or incident response. Net/FSE by Packet Analytics fills the gap in the network security market by bringing cost-effective, easy-to-use network event analysis capabilities to enterprise networks. Net/FSE adds value to an enterprise’s existing tool suite and maximizes the value of these tools by making the organization’s security practitioners more effective in their daily tasks.
Have you tried NetworkMiner? It's very useful if you want to extract information about the hosts on the network based on data in application level protocols.
NetworkMiner also performs OS fingerprinting by using OS fingerprinting databases from p0f, Ettercap and FingerBank.
No, I haven't tried.
But I will definitely give it a try.
Thanks for sharing.