Questions

What are the new features that are available in Capture Engine Enterprise 10.1?

  • Simple UI for reassigning protocol analysis on non-standard ports
  • New Compass views for country statistics and node grouping
  • New Productivity and Risk rankings in application analysis
  • Improved forensic search performance using file indexing

What are the new features that are available in Capture Engine Enterprise 10.0?

  • Customize packet decode views
  • Faster forensic searches
  • Support for notifications via authenticated email systems
  • Filter by country

What is the new Port Translation for ProtoSpecs?

This option makes it easy for you to configure analysis of protocols on non-standard ports.

What are a couple of the new Compass Enhancements?

  1. Added new “Countries” statistics chart window for grouping statistics by countries
  2. Added new Compass Option for grouping Nodes by Node & MAC, Node or MAC

What are the new Application Dashboards and Statistics views?

The Applications Dashboard view now includes a Category view. Also, the Application Statistics now include the columns Category, Productivity and Risk.

What is the new Packet File Indexing feature in the Capture Options?

This new feature improves the forensic search performance.

Has Savvius added the ability to have multiple decode columns in the Packets view?

Yes. By right-clicking on a field within the Decode View, you can add as many decode columns as you like and arrange them in any order.

What is the Country Filter dialog menu and where can I find it?

The Country Filter dialog allows you to specify one or two countries, and a direction (like the address and port filter dialogs). It is in the Advanced filter under the Logical “And”, “Or” and “Not” options.

What is the Remote Compass feature?

Remote Compass is the same interactive network forensics dashboard application found in Omnipeek, now available on the Capture Engine for Omnipeek.

How do I see what users are connected to my Capture Engine?

Log in to the Engine, then go to Admin tab > Connected Users. A complete list of users is shown there.

What is the TCPDump Adapter for the Capture Engine?

The TcpDump Adapter Plugin now provides a user interface for the Capture Engines that supports the following actions:

  • Connect to a remote host and retrieve the remote host’s list of supported interfaces.
  • Create Tcpdump Adapters associated with a remote host/interface.
  • Edit Tcpdump Adapter configurations.
  • Delete Tcpdump Adapters.

What is the Top Applications graph on the Forensics tab?

The Top Applications Distribution graph is collected when “Top Stats” is enabled in the Capture Options. Data for Top Applications Utilization is collected when “Timeline Stats” is enabled in the Capture Options. This data is also available in the Applications Dashboard.

What is the Sparklines graph in the Details subtab of the Forensics tab?

The Sparklines are the Network Utilization (Mbits/s) graphs, just shrunken. The data for the Sparklines are only requested when the item becomes visible. Sparklines are updated for active captures only.

What is the "Priority to Disk" option?

When enabled, it gives priority to capture-to-disk (CTD) captures, so that real-time monitoring captures have less impact on CTD performance.

What is the "Disk space for this capture" option in the General->Capture Option?

This slider and associated text field are used to specify the maximum amount, in gigabytes, of disk space for the capture to occupy.

What is the VoIP Stats Option in the General->Capture Options?

When VoIP Stats is enabled, calls are rated as Bad, Poor, Fair, and Good based on MOS-Low, and the rating appears on the Timeline graph.

What is the "Download Engine Packet Files" option in Omnipeek's Tools menu?

This option will allow you to search, download and merge packet files from multiple engines.

What is the Support tab used for?

The information that is stored there is mainly for Tech Support in case customers experience problems.

If I save the information as a backup file or email it to Tech Support, what information am I saving?

This feature allows you to save the data displayed on the Home tab and all options of all captures present on the engine.

What information is contained in the Audit Log tab?

The Capture Engine audit log lists available information regarding events taking place on the Capture Engine. Each log entry displays the Date, Time, Client, User, Message, and Result.

How do you use the searchable log options in Capture Engine?

  1. Go to the Logs view on an Engine capture window.
  2. Click on the Clock icon next to the Search field.
  3. Select the date and time range.
  4. Click OK.

What is Active Directory Authentication for Capture Engine?

Active Directory authentication on the Engine uses the provided ADSI components.

Configuring Active Directory authentication on Capture Engine for Windows requires two pieces of information:

  • IP Address: This is the host server's IP address
  • Port Number: Default port is 389

How does the offline forensic search feature work?

Once a forensic search is started, it runs to completion and then shows up in the Forensic Searches tab. If it is a lengthy search, the user can log out of the engine and log back in at any time to view and analyze the results.

How does the packet de-duplication feature work?

In the General Capture Options, there is now a check box that says “Discard duplicate packets”. When this is checked, if the FCS of an incoming packet matches one from the ring buffer, that packet will be discarded. This is a great feature for customers monitoring from SPAN ports, where duplicate packets are often seen.
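The ring-buffer check described above, sketched as an added example (not Savvius code). The ring size and all class and function names are assumptions, the frames are constructed, and the FCS is computed with CRC-32 here because the sample frames do not carry one.

```python
import zlib
from collections import deque

def fcs(frame: bytes) -> int:
    """Ethernet FCS is the IEEE 802.3 CRC-32, the same CRC zlib.crc32 computes."""
    return zlib.crc32(frame) & 0xFFFFFFFF

class FcsDeduplicator:
    """Discard a frame when its FCS matches one still held in the ring."""

    def __init__(self, ring_size: int = 64):  # assumed size, not a product value
        self.ring = deque(maxlen=ring_size)   # recent FCS values, oldest first
        self.seen = set()                     # same values, for O(1) lookup
        self.dropped = 0

    def accept(self, frame: bytes) -> bool:
        value = fcs(frame)
        if value in self.seen:
            self.dropped += 1                 # duplicate: discard, do not store
            return False
        if len(self.ring) == self.ring.maxlen:
            self.seen.discard(self.ring[0])   # the append below evicts this entry
        self.ring.append(value)
        self.seen.add(value)
        return True

def eth(dst: str, src: str, payload: bytes) -> bytes:
    """Build a constructed Ethernet II frame (EtherType 0x0800) without FCS."""
    return bytes.fromhex(dst + src + "0800") + payload

def dedupe(frames, ring_size: int = 64):
    """Return (frames kept, number discarded) for a sequence of frames."""
    d = FcsDeduplicator(ring_size)
    return [f for f in frames if d.accept(f)], d.dropped

# Constructed sample frames (locally administered MAC addresses).
A = eth("020000000001", "020000000002", b"payload-A")
B = eth("020000000001", "020000000002", b"payload-B")
C = eth("020000000001", "020000000002", b"payload-C")
# Same payload as A, but the source MAC was rewritten on the way.
A_REWRITTEN = eth("020000000001", "020000000003", b"payload-A")

if __name__ == "__main__":
    print(dedupe([A, A, B, A_REWRITTEN]))     # SPAN-style back-to-back duplicate
    print(dedupe([A, B, C, A], ring_size=2))  # duplicate arrives after eviction
```

The two runs show the limits of the check: a copy whose header was rewritten has a different FCS and is kept, and a duplicate that arrives after its FCS has left the ring is kept as well.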

Why am I not seeing the Multiple Engine View in Capture Engine?

If you have created a Group, click the Group Name (e.g., “John Doe's Engines”) and all the Engines under that group will appear in the Multiple Engine View. If you have not put your Engines in a Group, click the empty space right under the list of Engines. The Multiple Engine View will then appear on the screen with all the Engines.

Why can't I see the Capture Engine Tabs such as Filters, Graphs, Alarms, and Notifications?

You must first select the Settings Tab and then all the Tabs mentioned above will populate on the Home screen.

What are the TimeLine graph and forensics capabilities on the Omnipliances and Capture Engines?

TimeLine graph and forensics capabilities now apply to all Omnipliances as well as Capture Engine Enterprise. Those products are now able to display a Timeline graph and real-time stats, and to perform forensic searches.