We found NetDetector quite easy to use. Setup takes just a few minutes and most of this is spent unpacking the appliance. Initial configuration can be done either by connecting a monitor and keyboard directly to the appliance or through a hyperterminal connection.
After entering a few commands to set time and date, a wizard helped set IP addresses and IP settings such as DNS and gateway. Once that was completed we just plugged it in to our network tap and accessed the Java-based web GUI, which is easy and intuitive to navigate.
This solution is a solid performer. It sits off of a hub, span port of a switch or a network tap, so it sees all network traffic and is able to record anything that goes in or out of the enterprise. When doing analysis, we found drilling down into the many graphs an easy task and finding the exact data was quick and efficient.
This product comes with two main guides. A printed customer installation guide provides the initial setup and installation procedure to get the box up and running, plus clearly shows different tap and network connections. The user guide illustrates the different functions and features of the appliance in great detail. Both manuals include many screenshots and diagrams.
Customers get one year of support with the purchase of the Niksun appliance, consisting of phone and email assistance as well as access to a dedicated web portal. The latter includes access to the latest technical advisories, FAQs, worm/virus notes, learning tools and product documentation.
At a price starting at US$10,000, this product is an excellent value for the money. The combination of analysis capability and application reconstruction, along with simple intuitiveness, makes it a solid asset to almost any organisation.
For: Easy to use, with deep drill down and application reconstruction ability
Against: Nothing we found
Verdict: A solid product that not only provides good log analysis, it has the forensics chops to get the investigative job done. Our Best Buy