Sandstorm Enterprises® : "tools with sharp edges"®

Sandstorm Enterprises, Inc.

"tools with sharp edges"®

NIKSUN Purchases Sandstorm Enterprises

NIKSUN has acquired Sandstorm Enterprises in a transaction involving assets and staff. For details please click: http://niksun.com/news.php?id=36

Sandstorm Enterprises, the company that gave you PhoneSweep, now introduces:

NetIntercept with Chain of Custody and Investigator's Notebook
NI laptop image

Sandstorm Enterprises, the leader in digital forensic analysis software, announces the release of NetIntercept 4.2 with Chain of Custody and Investigator's notebook. NetIntercept lets you protect the integrity of captured and analyzed traffic in order to provide a legal "Chain of Custody" (COC) when evidence from NetIntercept analysis is questioned in a court of law.

New Features in NetIntercept 4.2

  • Legal Chain of Custody allows you to verify that your data has not been tampered with; optionally hashes and signs all captured packet files to support later validation of the Chain-of-Custody
  • Connection sort handles Generic Routing Encapsulation (GRE)
  • Optionally sorts unrecognized Ethertype, LLC SAP, SNAP OUI and IPv4 or IPv6 protocols into connections
  • Increased connection limit to 5,000,000 connections
  • Parses SFTP and SCP (secure file transfer protocols)
  • Increased data capture rate
  • View ASCII and Non-ASCII characters from network traffic throughout the GUI
  • Non-ASCII characters from network traffic are normalized to UTF-8 in reports and exported data

Experiment with our downloadable Windows demo to see the productivity benefits of NetIntercept. View our example analysis results, or import traffic you've captured.

Request a NetIntercept Demo
Request a NetIntercept Demonstration

NetIntercept delivers in four easy steps:

Capture


Capture image

Analyze


Analyze image
NetIntercept silently monitors your network, captures whole packets (not just headers), and archives that traffic for future session and packet analysis.
NetIntercept reconstructs sessions, using patented heuristic traffic analysis to detect spoofing and non-standard port usage, unwraps compressed files, reconstructs files sent over the network, and searches for key words and phrases.

Discover


Discover image

Investigate


Investigate image
You're presented with a Result Set of session data, powerful search tools for investigation and analysis, graphs and reports, and access to all the reconstructed files. And should you need raw packet-by-packet data analysis, that's available as well.
Allows users to store entries related to a single incident, or establish an ongoing incident log. Entries can be automatically linked to connections, images, bookmarks, and full Result Sets.

Here's what people are saying about NetIntercept:
"NetIntercept ... has the necessary tools to close in on desired information in huge amounts of packet data, much like finding a specific grain of sand in the desert." - Mark Spencer, EvidentData
"[NetIntercept] drilled down into the packets in such a precise way...without all the clutter of unneeded traffic. I was impressed with the speed at which you can pinpoint or find a potential problem"
- an aerospace industry customer
"[NetIntercept] has the ability to look into the past with perfect clarity. I can use NetIntercept to examine packet by packet not only that one event, but all of the events that led up to it." -  a medical facility customer
"Sandstorm's NetIntercept gave us the most bang for the buck...which earned it our Best Value award." - from "Body of Evidence - Network Forensic Tools" by Greg Shipley

Site materials © 1998 - 2009 Sandstorm Enterprises, Inc. The Sandstorm logo®, LANWatch®, NetIntercept®, PhoneSweep®, Sandtrap®, TCP.demux™, Single Call Detect™, Tools with sharp edges®, Rapid Event Analysis™, and Sandstorm Enterprises® are all trademarks or registered trademarks of Sandstorm Enterprises, Inc.