Use Deep Packet Inspection For Your Network Forensics Requirements
Network packet analysis, storage of historical network events, and comprehensive analytical capabilities make LANGuardian the ideal solution to your network forensics requirements. When you need to analyze an incident or respond to a request for information about network activity, LANGuardian provides all the details you need.
Firewalls, content filters, and anti-virus software can help to protect a network by blocking certain types of traffic, but it’s inevitable that breaches will occur.
Advanced persistent threats are the most sinister breaches and receive the most publicity, but the most common breaches arise from misconfigured systems and deliberate or unwitting misuse of the network by authorized users. These breaches are often difficult, even impossible, to detect using real-time monitoring tools.
However, with network forensics you can identify patterns of behavior that you cannot identify from real-time data alone.
“This product is amazing… I’m getting an insight into the network that I have never had before and seeing activity that I just did not know was going on”
Kanes Foods, Ltd.
LANGuardian Network Forensics
The network forensics features of LANGuardian are extremely easy to use. You simply enter an IP address (subnets are also supported) or a username, then click Go. LANGuardian returns a page showing a summary of all information relating to the IP address or username you entered. You can then drill down into the details to investigate further, ultimately to the level of individual data flows.
LANGuardian is able to provide this information because it continuously captures the traffic flowing through your switch and records details of all network events in the LANGuardian database, where the data is optimized for speedy retrieval. The amount of traffic LANGuardian can store is limited only by the amount of storage space available. Automatic and manual archiving ensures you never run out of space to capture new events.
LANGuardian Custom Reports and Trends
When you have created a report that provides the information you need (for example, amount of traffic to and from youtube.com over the previous 24 hours), you can save the report and run it again at any time. You can use wildcards and regular expressions in the report criteria. You can receive reports in email or PDF format as well as interactively, and you can schedule them to run at any time.
LANGuardian trends are reports that run at specified intervals and store the data in the LANGuardian database, enabling you to display a graph of how the report output changes over time. With trends, you can identify anomalies in traffic levels and user behavior that you could not easily identify from reports.
LANGuardian Network Forensics in Action
LANGuardian helps network administrators troubleshoot network problems and identify anomalous or illegal behavior every day. Here are some examples:
- Responding to copyright infringement notices.
- Locating files missing from a Windows file share.
- Detecting spam originating from the network.
Find out more
Learn how LANGuardian should be your number one choice for a network forensics analysis tool. Find out where you have issues on your network and get to the root cause of them quickly without the need to deploy agent or client software.
If you have any questions about how LANGuardian can meet your requirements, please contact us. If you would like to see LANGuardian in action, please try our online demo system or download a free 30-day trial to try it on your own network with your own data.
Talk to us now
Talk to NetFort today. Contact us at firstname.lastname@example.org or call us at +353 (91) 520 501.
How to buy
We offer perpetual and subscription LANGuardian licenses based on the number of users on your network and the number of sensors you want to deploy. Specialized features are provided as optional modules, so you do not pay for them if you do not need them.