NetWitness Informer

How do you know if your network is communicating with botnets or leaking sensitive data? Are you monitoring for operational regulatory compliance or corporate policy violations? Informer outperforms traditional network security products on the market because it highlights the most critical areas of concern, which are blind spots to traditional security products. 

NetWitness Informer sets a new standard for network security analytics. As part of the NetWitness enterprise network monitoring platform, Informer is the application for enterprise-wide visualization, alerting, reporting and real-time situational awareness. Informer does not simply rely on log files, NetFlow or other limited data sets to generate alerts – it harnesses the pervasive knowledge of your network obtained by the NetWitness enterprise security platform.

By having every session, communication, service, application and user’s activity recorded, reconstructed and exposed for analysis, the possibilities are endless as to what answers can be presented to your team by Informer. Zero-day malware, botnets, policy evasion tactics, intentional data exfiltration, anomalous communications, compliance gaps, and other trends occurring on your network can quickly become apparent through Informer’s rules-based approach and dashboard. Informer uses a fully interactive and intuitive web-based graphical user interface (UI) for viewing alerts, charting and tiled views, and employing the hundreds of standard reports and alerts.

The UI also enables users of any skill level to quickly build their own custom alerts, queries, reports and rules. Informer is designed to immediately integrate into your existing security operations processes and deliver a level of real-time situational awareness that was previously unachievable.

A unique component of NetWitness Informer is Visualize.

  • Flexible dashboard, chart and summary displays for unified view of real-time captured data
  • Fully customizable, XML-based rules and report library for infinite report and alert combinations
  • Supports CEF, SNMP, syslog, SMTP data push for integration in SIEM and network security monitoring technologies
  • Flexible, WYSIWYG drag-and-drop report builder and scheduling engine
  • Full role-based access controls
  • HTML and PDF report output formats
  • Easily navigate sessions in both grid and chronological views
  • Intuitive zoom in/zoom out UI with on-demand session information for each image
  • Interactive through the use of a multi-touch monitor
  • Integrates bidirectionally with NextGen Investigator
  • Offered as Windows® software – or integrated appliance for deployment flexibility

Report Examples

  • Security - profile and alert on zero-day, botnet, DYN, DNS and intrusion activity with complete content
  • Compliance - audit network-based components of policies and regulations such as FISMA, HIPAA, ISO 1779, SOX\GLB, and PCI standards
  • IT Operations - report and chart across application and network layer metrics
  • Business Intelligence - profile sensitive data flow in real-time with total access to all events and content surrounding suspect activity
  • Insider Threat - monitor and profile computer, user, and resource activity across every application and device
  • Legal - support e-Discovery, criminal investigations, or liability audits through network entity profiling and analysis

Minimum System Requirements

NetWitness recommends the following minimum hardware requirements for NetWitness Informer software.

  • Windows® 2003 Server or Vista
  • Microsoft IIS 5.0+
  • 4GB RAM
  • 1 Ethernet Port
  • Internet Explorer v7 (also supports Firefox, Chrome and Safari browsers)
  • .NET 2.0 with AJAX.NET Extensions

NetWitness® Informer Appliance

  • Informer SKU: NWA200-N-8i
  • Processor: Quad-Core
  • RAM: 8GB
  • Interfaces: (2) 100/1000 Copper
  • Total Storage: 8TB Redundant
  • Power: Redundant 450W
  • Form Factor: 1U, Full-Depth
  • Weight: 45 lbs

 
