Questions:

What's new in Omnipliance 12?

SEE MORE

What's new in Omnipliance 12?

  • Support for new Savvius hardware appliances
  • Improved Capture to Disk performance
  • Added support for 3rd party authentication
  • Expert enhancements
  • VoIP enhancements
  • Support for Financial Transaction Card Message Interchange protocol (ISO8583)

What are the new models of Savvius Omnipliances?

SEE MORE

What are the new models of Savvius Omnipliances?

  • T310
  • M210
  • C110

What added support for 3rd party authentication has been added to Omnipliance 12?

SEE MORE

What added support for 3rd party authentication has been added to Omnipliance 12?

ACL supports third-party authentication by allowing the administrator to enter a username in the Add Users to ACL dialog. The username entered is the one entered by a user for third-party authentication. Users are able to configure them to allow authentication via RADIUS, TACACS+ (Not supported on Capture Engine for Windows), or Active Directory.

What are some of the new Expert enhancements?

SEE MORE

What are some of the new Expert enhancements?

  • Improved Expert and VoIP performance
  • Added Expert event for detecting Gratuitous ARP
  • Added Expert event for detecting TCP Duplicate ACKs
  • Made SACK options more obvious in Flow Visualizer
  • Made Flow Visualizer come up faster
  • Updated Expert event default settings
  • Improved Expert event behaviors
  • Improved Expert Settings file handling for the engine

What are some of the new VoIP enhancements?

SEE MORE

What are some of the new VoIP enhancements?

  • Added Asserted Identity to Calls & Media views
  • Added the ability to search Asserted Identity
  • Fixed VoIP-related issues
  • Fixed call playback, DTMF related issues
  • Synthesized DTMF from RTP events when signaling is absent

How do you configure the new Protocol Translations the Omnipliance?

SEE MORE

How do you configure the new Protocol Translations the Omnipliance?

  1. Go to the tab in Settings>Protocol Translations
  2. Click the Insert Button
  3. Choose TCP or UDP
  4. Enter the Port number
  5. Choose the Sub-Protocol by clicking “Choose” then click OK

What is the Packet File Indexing feature in the Capture Options?

SEE MORE

What is the Packet File Indexing feature in the Capture Options?

This feature improves the forensic search performance.

How do you configure the Packet File Indexing to increase performance for Forensic Searches?

SEE MORE

How do you configure the Packet File Indexing to increase performance for Forensic Searches?

  1. Go to Capture Options>Packet File Indexing
  2. Select the packet characteristics you are most likely to use in a forensic search software filter then click OK

What is the Monit feature in Omnipliance Linux?

SEE MORE

What is the Monit feature in Omnipliance Linux?

The Monit open-source utility for Linux is included with Omnipliance. The utility monitors various Capture Engine processes, disk health, capture status, adapter card status, and more. It will send pre-defined alerts to syslog when problem conditions are detected.

How do you enable the Monit feature to run?

SEE MORE

How do you enable the Monit feature to run?

The Savvius configuration is disabled by default, and can be enabled it to run automatically on boot by issuing the following commands:

(cd /etc/monit/conf-enabled; ln -s ../conf-available/omnid) monit reload

The Savvius configuration is stored and runs in a directory that will persist on reboot. It is user programmable and has many options, but only the pre-defined Savvius parameters and options are supported.

What is the "Priority to Disk" option?

SEE MORE

What is the "Priority to Disk" option?

When enabled it gives priority to capture-to-disk (CTD) captures, so that real-time analysis doesn’t impact the CTD performance.

If I am running two CTD (Capture to disk) captures on the same adapter, should I enable both for the "Priority to Disk" option?

SEE MORE

If I am running two CTD (Capture to disk) captures on the same adapter, should I enable both for the "Priority to Disk" option?

Yes, if two captures are on the same adapter but one has CTD Priority off, it essentially makes it off for all other CTD captures.

What is the RAID 6 option for Omnipliance?

SEE MORE

What is the RAID 6 option for Omnipliance?

If you order a Savvius Omnipliance (M210 or T310 only), you can specify RAID 6 instead of the standard RAID 0. RAID 6 has the advantage of being able to replace a defective hard drive without having to reimage the unit.

I have an Omnipliance, can I change it from RAID 0 to RAID 6?

SEE MORE

I have an Omnipliance, can I change it from RAID 0 to RAID 6?

Yes, but the unit will need to be reimaged and all your data will be lost. In addition, the time to reimage the unit will be much longer when using the RAID 6 option.

Can I continue to use my Omnipliance when a defective drive is replaced in the RAID 6 array?

SEE MORE

Can I continue to use my Omnipliance when a defective drive is replaced in the RAID 6 array?

Yes, but the overall performance will be impacted until the drive is completely assimilated into the array.

How do I see what users are connected to my Omnipliance?

SEE MORE

How do I see what users are connected to my Omnipliance?

Go to the “Admin” tab and in the tab called “Connected Users” it will show all users currently connected to the engine.

I see there is no LCD panel on the Omnipliances, how is it configured?

SEE MORE

I see there is no LCD panel on the Omnipliances, how is it configured?

There 3 ways to configure the interfaces on an Omnipliance.

  • USB flash drive
  • VT-100 Terminal
  • Default static IP address

What is the Sparklines graph in the in the Details subtab of the Forensics tab?

SEE MORE

What is the Sparklines graph in the in the Details subtab of the Forensics tab?

The Sparklines are the Network Utilization (Mbits/s) graphs, just shrunken. The data for the Sparklines is only requested when the item becomes visible. Sparklines are updated for active captures.

What is the "Disk space for this capture" option in the General>Capture Options?

SEE MORE

What is the "Disk space for this capture" option in the General>Capture Options?

This slider and associated text field are used to specify the maximum amount, in gigabytes, of disk space for the capture to occupy.

What is the new VLAN-MPLS Advanced Filter Node?

SEE MORE

What is the new VLAN-MPLS Advanced Filter Node?

This is an advanced filter node which you will be able to specify one or more VLAN IDs or ID ranges. Also, you will be able to specify one or more MPLS Labels or Label ranges.

What is the Diagnostics tab in the Omnipliance?

SEE MORE

What is the Diagnostics tab in the Omnipliance?

This tab will allow you to run diagnostics on the connected engine and then display the results in a text box. You can save the diagnostics information to a text file, copy selected text, and refresh the current view.

Note: This information is usually used for tech support troubleshooting an issue.

What is the real-time Forensic Search feature?

SEE MORE

What is the real-time Forensic Search feature?

When you do a forensic search, the results window will show up immediately. You will also see a progress bar at the top of the window displaying the progress of packets loading and processing.

How do I download files from my Omnipliance to my Omnipeek console machine?

SEE MORE

How do I download files from my Omnipliance to my Omnipeek console machine?

There are 2 ways you can accomplish this task:

  1. Go to the Tools pull down menu in Omnipeek and select “Download Engine Packet Files”.
  2. From the Files tab of the Omnipliance, highlight the file/s you want to download, right-click and select the “Download Packets” option or just click the “Download Packets” icon.

How do I add files to the Omnipliance?

SEE MORE

How do I add files to the Omnipliance?

  1. Go to the Files tab
  2. Click on the Upload Packets icon
  3. Select the files you want to add to the Capture Engine
  4. Click Open

How do I configure and manage my Omnipliance?

SEE MORE

How do I configure and manage my Omnipliance?

The Omnipliance can be managed and configured with the Capture Engine Manager. This is installed with Omnipeek as a separate program.

Can I add software or hardware to my Omnipliance?

SEE MORE

Can I add software or hardware to my Omnipliance?

No, the Omnipliances are optimized for Enterprise network packet recording. You should not under any circumstances add software or hardware to these machines as doing so will compromise performance and void the warranty.