By going back-in-time, analysts can search recorded network traffic and find the precise “needle-in-the-haystack” packets that relate to a security threat, breach or outage, and quickly and accurately reconstruct exactly what took place.
InvestigationManager, released as part of OSm 6.5 for Endace appliances, allows analysts to conduct searches in seconds across petabytes of distributed Network History recorded by the EndaceProbe Analytics Platforms on their network.
Designed for conducting centralized, network-wide investigations, InvestigationManager is built for speed and efficiency and maintains the same ultra-fast response times whether it’s searching a single EndaceProbe or multiple EndaceProbes simultaneously. It does this by parallelizing search and data-mining across all the EndaceProbes being searched, simultaneously.
InvestigationManager is a standalone virtual server application that has a no-cost license. Multiple instances of InvestigationManager can be deployed as needed to manage or control access to Network History by region, network segment, job function or security clearance level.