NetWitness Corporation, a specialist in network monitoring and forensics, incident response, data leakage and content monitoring and compliance, has reportedly unveiled version 9.0 of its NextGen enterprise network forensics and advanced threat intelligence platform.

According to a company press release, this newly announced version is not a simple evolution of a packet-sniffing technology, but is a true revolution in automating network intelligence at the application layer and real-time network forensics.

 

NetWitness (News - Alert) NextGen is a comprehensive network security monitoring solution that is said to record everything on the network, thus solving some of the most challenging problems organizations are facing today including; insider threats, data leakage, malware activity, asset misuse, network anomalies, compliance, and network e-discovery.

 

“Version 9.0 of NextGen is a direct result of working hand in glove with our extensive customer community in helping them identify and address advanced threats,” said Tim Belcher, chief technology officer at NetWitness, in the release.

 

“Once again we have pushed the envelope of what is possible well beyond what others are even contemplating,” added Belcher.

 

Some of the new features offered in version 9.0 include; NetWitness Identity, which is said to enable the ability to easily correlate IP addresses in network sessions to end-user directory credentials – fusing an organization’s Active Directory to offer a real-time 4-1-1 lookup capability. As a result, security staff can link compromised machines and inappropriate network behavior to a user’s actual identity.

 

The new version also is said to extend support for 802.11 Wireless Capture which was initially supported under the portable NextGen Eagle platform. This capability is said to support WEP in-line decryption and will support WPA decryption under an upcoming service pack. In addition, version 9.0 offers 10Gbps Network Support for both capture and real-time analysis on 10Gbps networks.

 

With expanded authentication options, NextGen 9.0 is said to support Linux PAM, providing pluggable authentication modules that connect the NextGen infrastructure to customer authentication frameworks such as Kerberos for Windows and Unix environments, LDAP, Radius and many others.

 

The new version also comes with expanded enterprise management where a new administrative dashboard is available that enables comprehensive insight into global health across all connected appliances. This includes real-time feedback and charting for all system metrics, and expanded interfaces for managing configuration parameters, rules, alerts, parsers, feeds, and software updates across all devices from a single location.

 

Also included is the expanded support within the Software Development Kit (SDK) for C, C#, Java, Python, Perl, Ruby and .Net allowing programmers to extend the NextGen infrastructure using almost any popular language.