H11 Digital Forensics.com
NetWitness Eagle
NetWitness NextGen Eagle is a portable and compact version of the NetWitness® Decoder. NextGen Eagle broadens NetWitness’ capabilities from fixed network infrastructure devices to include a compact, mobile monitoring system to support law enforcement, incident responders, auditors, intelligence, and consulting staff for field-duty scenarios.
Contact a forensics specialist: 1.801.596.2727
NetWitness Eagle
NextGen Eagle enables powerful and rapid field deployment of the NetWitness full packet capture and session analysis technology with a briefcase-size footprint. Unlike other portable vendor offerings, NextGen Eagle also supports WiFi monitoring with the exceptional depth of analysis the NetWitness community has come to expect. NextGen Eagle broadens NetWitness’ capabilities from fixed network infrastructure devices to include a compact, mobile monitoring system to support law enforcement, incident responders, auditors, intelligence, and consulting staff for field-duty scenarios. NextGen Eagle is designed for ease of use during field perations and exceeds existing market capabilities by:- Providing an instant footprint for Gigabit collection with 3TB of total storage
- Supporting wireless network analysis, including WEP enabled WAPs
- Providing redundant engineering to deal with harsh travel environments
NetWitness Eagle Features
- Supports forensic, tactical and strategic network analysis and incident response.
- Fully compatible with all NetWitness NextGen infrastructure and analytical applications.
- 64-bit Linux-based, highly configurable, full packet capture and reassembly device.
- Protocol and application exploitation: HTTP, FTP, TFTP, TELNET, SMTP, POP3, NNTP, DNS, SOCKS, HTTPS, SSL, SSH, Vcard, PGP, SMIME, DHCP, NETBIOS, SMB/CIFS, SNMP, NFS, RIP, MSRPC, Lotus Notes®, TDS(MSSQL), TNS(Oracle®), IRC, Lotus Sametime®, MSN IM, RTP, Gnutella, Yahoo Messenger, AIM, SIP, H.323, Net2Phone®,Yahoo Chat, SCCP (Cisco® Skinny), Bittorrent, GTALK, Hotmail, Yahoo Mail, GMail, TOR, Social Networking, Fast Flux, and many others.
- FlexParse™ enabled for rapid, user defined parsing and modeling.
- Supports threat intelligence feeds that track BOTs, designer malware, darknets, proxies, etc.
- Available API/SDK for custom application development
Appliance Models
| sku | nwp 50-16D |
| interface | one copper ethernet 100/1000 for mgmt one copper ethernet 100/1000 for capture one wifi interface for capture. |
| storage | 3TB total storage redundant |
| rack unit | briefcase; 5.75" (D) 11.5" (H) 16.8" (W) |
| power | 520W 120/240V |
| weight | 16 lbs. |
