Network forensics is the retrospective analysis of network traffic for the purpose of conducting an investigation. You can use Omnipeek to capture, store, and data mine large volumes of traffic data in order to investigate items such as network problems, security attacks, HR policy violations, and more.
From the Capture Engine window, you can perform network forensics analysis from the Files or Forensics tab of a connected Capture Engine. See Forensic search from the Files tab and Forensic search from the Forensics tab.
NOTE: You can also perform forensic analysis directly from a ‘Forensics Capture’ window. See Forensic search from the ‘Forensics Capture’ window.