Network Forensics using the OBSERVER, GigaStor analyzer
Data Mining and Forensics using GigaStor™ and OBSERVER® Analyzer
This 2-day course is geared to teach students solid network management and troubleshooting skills using the GigaStor™ network analyzer. This class provides the logical installation and configuration information necessary to ensure that the GigaStor™ is set up properly and capturing data from the network environment. Armed with this knowledge, students can effectively troubleshoot, maintain, optimize and monitor network traffic and keep your network operating at its peak performance.
Objective:
Understand how to mine data from the GigaStor™ as well as set up the probe, configure the virtual adapters and set up notifications. Quickly determine the approach for troubleshooting the network based on the different elements available from within the GigaStor™ interface. Learn to use a network analyzer to discover where problems exist and to take the appropriate action to find solutions.
Course Agenda - Day 1
- Deployment
- Interface Overview
- Understanding Instances
- Active vs. Passive Instances
- Virtual Adapters
- User Configurations
- Capture Configuration
- Acquiring Data in a switched environment (SPAN, TAPs, Aggregation TAPs)
- Network Baseline Techniques
- Response Time Measurement (Determining Network Latency)
- Identifying Common Network Problems
- Importing Snort Rules
- Network Forensics
Course Agenda - Day 2
- Packet Decode Viewer
- Finding Frames / Go-to Frames
- Filtering (Pre, Post, Capture)
- Expert Observer
- Setting Expert Thresholds
- Expert Help
- Connection Dynamics
- SSL Decryption
- Stream Reconstruction
- Server Analysis
- What if Analysis
- Multi Hop Analysis