Network Forensics

Network forensics is a sub-branch of digital forensics concerned with monitoring and analyzing computer network traffic for the purposes of information gathering, legal evidence, or intrusion detection. Unlike other areas of digital forensics, network investigations deal with volatile and dynamic information. Network traffic is transmitted and then lost, so network forensics is often a proactive investigation.

Network forensics generally has two uses. The first, relating to security, involves monitoring a network for anomalous traffic and identifying intrusions. An attacker might be able to erase all log files on a compromised host; network-based evidence might therefore be the only evidence available for forensic analysis. The second use relates to law enforcement. In this case, analysis of captured network traffic can include tasks such as reassembling transferred files, searching for keywords, and parsing human communication such as emails or chat sessions.



List of Vendors for Network Forensics


LogRhythm

Founded: 2003, Boulder, Colorado, USA

Website: www.LogRhythm.com

Key Principals: Security products and software

RSA (Acquired by EMC)

Founded: 1982, Massachusetts, United States

Website: www.rsa.com

Key Principals: Encryption and Network Security products

IBM

Founded: 1911, Armonk, New York, USA

Website: www.ibm.com

Key Principals: Computer Hardware, Software, Services, Consulting

Bluecoat Systems

Founded: 1996, Sunnyvale, CA, USA

Website: www.bluecoat.com

Key Principals: Networking and Security products

© 2013 ITATONE POINT CONSULTING LLP. All rights reserved.