Sniffer Technologies Unveils InfiniStream Forensics Tool


Sniffer Technologies, a division of Network Associates, this week is expanding beyond network management into security with a new forensics tool.

The new product, InfiniStream, is built on technology Network Associates acquired with its purchase of Lindon, Utah-based Traxess last summer, said Christopher Thompson, vice president of product marketing at Network Associates, based here.

InfiniStream allows enterprise network administrators to capture, store and replay network traffic in order to identify the cause of a security breach, the extent of the damage and how to prevent it from happening again, he said.


InfiniStream allows network administrators to capture, store and replay network traffic.

The product has three components: a hardware appliance that serves as a "capture engine" to track network traffic at gigabit speeds and can store 2.8 Tbytes of data; a mining console, or user interface; and reconstruction/replay software.

Other forensics tools are applied to the network after an event, but InfiniStream continuously collects data, Thompson said.

"While it is collecting data, I can do mining and reconstruction without interrupting the package capture," he said.

InfiniStream costs about $85,000 and is being targeted at large enterprises, government agencies and service providers.

Initially, Sniffer will sell the complex appliance directly, but later this year, the vendor plans to sell it through select partners, Thompson said.

"We're trying to understand the serviceability and customer deployment model so we can understand how to make this profitable for the channel," he said.

Thompson said the product complements Sniffer's Network Performance Orchestrator, an integrated product suite that allows companies to optimize network performance and plan network growth, as well as Network Associates' McAfee security products.

He said he expects the product will provide service opportunities for VARs selling to midsize companies.

Steven Palange, president and CEO of TLIC Worldwide, a Network Associates partner, said he's aggressively following sales leads for Sniffer, which he called "an exceptional product." Having the capability to secure the network, InfiniStream looks promising, he said.

Eric Hemmendinger, an analyst at Aberdeen Group, said InfiniStream combines strong capabilities into one solution, which differentiates it from the competition. It will appeal to large and midtier organizations as a valuable security tool, he said.