Packet Capture Data Fusion

posted Mar 3, 2012, 6:11 AM by James Kraemer
Data Intelligence has released a new feature called Packet Capture Data Fusion. The capability allows an analyst to ingest a pcap file into the Data Intelligence entity repository. The data fusion process creates entities from the source and destination addresses and links from the TCP connections. After ingestion, the packet capture data is immediately ready to leverage the Entity Analytical Platform search, discovery and visualization features.

The unique value to the network analyst is the immediate ability to start building intelligence on-top of the raw pcap data and sharing the results through the Data Intelligence collaboration features. Future releases will allow for additional protocol decoders. (SMTP, FTP, HTTP, ICMP, etc.)

Network analysis is complicated and requires an array of tools to be successful. Data Intelligence can help your organization extract network intelligence with Packet Capture Data Fusion.