CeBIT Your intrusion detection system (IDS) may have just downloaded a new security rule, but you have no way of knowing if your network has already been hit by the exploit in a zero-day attack, says Network Instruments.

The company claims the latest update of its GigaStor network traffic recorder could help you find out, however, thanks to a security forensics capability which allows it to apply Snort rules to stored network traffic. The idea is to see if a security breach occurred before the IDS rule was applied, and then drill-down to see when and where it happened, and what problems it may have caused.

He added that GigaStor pricing remains the same, starting at £17,995 for a two-port configuration.

NI also announced a new software release for its Observer network analysis family - Observer 12 - plus a reporting server which can aggregate data from dozens of Observer network probes for an overall view of the network.

Other new features in Observer 12 include MPLS analysis, the ability to expand VOIP traffic and decrypt SSL/SSH, and native IPv6 tracking, monitoring and reporting. ®

Related stories

• Aardman picks Observer for net monitoring (7 July 2007)
• Experts scramble to quash IPv6 flaw (11 May 2007)
• US judges to learn computer forensics (14 March 2007)
• Interview The rise of zero-day patches (2 March 2007)
• Solaris offers fix for zero-day vuln (1 March 2007)
• Snort bug is nothing to sniff at (20 February 2007)
• Vulnerability tallies surged in 2006 (21 January 2007)
• Network analyser gets trigger happy (19 January 2007)