What's New in Savvius Omnipeek 10.1

Support for new T300, M200, and C100 appliances

Omnipeek now supports three new Savvius Omnipliances, industry-leading packet capture and analysis appliances, that enable real-time and post-event analytics at up to 25 Gbps.

Simple UI for reassigning protocol analysis on non-standard ports

Protocol translation options now exist that let you translate TCP and UDP packets on a specific non-standard port to a specific protocol. For example, you can categorize all TCP traffic occurring on port 32000 as HTTP traffic.

New Compass views for country statistics and node grouping

Our popular Compass dashboard now allows for grouping statistics by country. Additionally, you can group nodes by node and MAC, by node, or by MAC.

New Productivity and Risk rankings in application analysis

When viewing application statistics, ‘Productivity’ and ‘Risk’ columns can now be enabled and displayed inside the Applications dashboard and Application statistics table. Productivity is scored relative to the work value of an application, and risk is scored on a scale of 1 to 5, based on weighted risk factors.

Improved forensic search performance (Capture Engine only) using file indexing

Under certain conditions, forensic search performance can be significantly enhanced by using packet file indexing when capturing packets and software filters when performing forensic searches.

Unlimited use of Omnipeek Remote Assistant (ORA) in Omnipeek Enterprise

Unlimited use of ORA is now a standard feature in Omnipeek Enterprise. ORA allows remote users to easily collect critical network data needed for troubleshooting network problems. The network data (also known as ‘captures’) is fully encrypted and can only be accessed by the analyst requesting the data. Once the data has been collected and stored locally on the computer running ORA, the files can be transferred to the analyst for further investigation using Omnipeek Enterprise.

What's New in Savvius Omnipeek 10

View File Content

Since information about file content is critical to most security investigations, Omnipeek® 10 reconstructs files by extracting data from reassembled HTTP payloads. This reconstruction, performed automatically when a packet file is opened, includes a thumbnail representation of each file in a new Files view.

Investigation Overview

The new Overview graph overlays summary-level information regarding the entire packet file under analysis. This information, displayed on every Omnipeek View, provides context for the current analysis and enables a rapid transition to any time segment.

Savvius Omnipliance Status Notifications

Savvius Omnipliance® performs 24×7 analysis and troubleshooting for mission-critical enterprise networks. When a drive goes down, or a network capture stops, Omnipeek 10 immediately notifies the administrator via syslog and/or email.

Security Events from Snort and Suricata

Security analysts need packet data when investigating security alerts, whether in near-real time or months later. Omnipeek 10 imports the analytical results from two popular open source security analysis tools, Snort® and Suricata, and overlays the resulting security alerts against the packet data for immediate, detailed analysis of any suspected breaches.

Customize Packet Decode Views

Network troubleshooting takes many different forms depending on the problem, sometimes requiring analysis of uncommon elements not offered in standard views. Omnipeek 10 creates unique packet decode columns based on any information within packets, making it very easy to find and compare packets that contain the specific elements under investigation.

Filter Files to Maximize Computing Bandwidth

As networks get faster, packet captures get bigger. Opening these large packet files, or even multiple packet files, can be challenging on computers with limited resources. Filtering packet files for only the information needed, like a specific IP address and/or port range, before loading the packets significantly increases analysis performance.

Faster Forensic Searches

Omnipeek 10 significantly increases the speed at which packet data can be retrieved from disk, making post-capture analysis much more efficient.