NetWitness NextGen v9.5
Strengths: Wide range of features backed by strong hardware.
Weaknesses: Light on summary reporting.
Verdict: Easy-to-use network forensic product that provides strong performance.
SummaryNetWitness NextGen v9.5 is a network forensic tool that uses a combination of dedicated hardware and application software to provide a method for collecting and analyzing network traffic. The NextGen appliance supports multiple applications from NetWitness; however, this review focuses on the Administrator and Investigator software, used to index, sessionize and analyze captured data.
The initial installation required some basic configuration to allow access to the network. The configuration process could be done through a direct connection with a monitor and keyboard or though a HyperTerminal connection. After connecting the appliance to the network, the NetWitness Administrator and Investigator software were installed on a local host. Documentation provided a step-by-step process for installing and configuring, which simplified the process. Although, the documentation for the setup was not initially provided with the product, after contacting support, this issue was quickly resolved.
The appliance has the ability to capture all traffic across the network. This traffic can then be viewed in the Investigator software to perform forensic analysis.
The product proved to be user friendly and easy with which to work. Also, the easy-to-maneuver interface allows for quick and efficient analysis of network content.
Three levels of fee-based support are offered. The cost for silver support starts at 20 percent of the appliance list price. The maintenance plus package also offers remote connection assistance from professionals that allows for remote optimization and maintenance. Also included for all customers is a free online community forum.
This product is a valuable tool for any organization that requires an in-depth and powerful network analysis product. It is well worth the list price.