Products & Releases

NetWitness Rolls Out NextGen Version 9.0

Version 9.0 of NextGen includes NetWitness Identity and support for 802.11 wireless capture
NetWitness Annual User Conference " Washington, D.C. " November 4, 2009 " NetWitness Corporation announced today the availability of version 9.0 of its award-winning NextGen enterprise network forensics and advanced threat intelligence platform at its Annual User Conference in Washington, D.C. The NetWitness user population includes over 15,000 security experts in more than 5,000 enterprises located in 126 countries around the world.

NextGen version 9.0 is not a simple evolution of a packet-sniffing technology, but a true revolution in automating network intelligence at the application layer and real-time network forensics.

"In 2009, we continued to see an alarming increase in the number of serious data breaches in public and private organizations due to advanced threats and the inability of security teams to detect complex application-based attacks using current tools and techniques," said Richard Stiennon, Chief Research Analyst, IT-Harvest. "With NextGen version 9.0, NetWitness has taken the nascent market of network forensics and real-time threat intelligence to a whole new level, providing deeper analytics and broader platform extensibility, and giving security teams the capabilities they need to reduce the risk exposure window."

The new features offered in version 9.0 include:

  • NetWitness Identity - provides the ability to easily correlate IP addresses in network sessions to end-user directory credentials " fusing an organization's Active Directory to offer a real-time 4-1-1 lookup capability. As a result, security staff can link compromised machines and inappropriate network behavior to a user's actual identity.

  • Support for 802.11 Wireless Capture - initially supported under the portable NextGen Eagle platform, this capability will be available on all NextGen 9.0 capture platforms. This new capability supports WEP in-line decryption and will support WPA decryption under an upcoming service pack.

  • 10Gbps Network Support - building off of real-world experiences with massive government, commercial and service provider networks, unlike other products in this space, NextGen 9.0 includes support for both capture and real-time analysis on 10Gbps networks.

  • Expanded authentication options - NextGen 9.0 supports Linux PAM, providing pluggable authentication modules that connect the NextGen infrastructure to customer authentication frameworks such as Kerberos for Windows and Unix environments, LDAP, Radius and many others.

  • Expanded enterprise management - NextGen 9.0 introduces a new administrative dashboard that enables comprehensive insight into global health across all connected appliances. This includes real-time feedback and charting for all system metrics, and expanded interfaces for managing configuration parameters, rules, alerts, parsers, feeds, and software updates across all devices from a single location.

  • Scriptable API - expanded support within the Software Development Kit (SDK) for C, C#, Java, Python, Perl, Ruby and .Net allowing programmers to extend the NextGen infrastructure using almost any popular language.

    "Version 9.0 of NextGen is a direct result of working hand in glove with our extensive customer community in helping them identify and address advanced threats," said Tim Belcher, Chief Technology Officer at NetWitness. "Once again we have pushed the envelope of what is possible well beyond what others are even contemplating."

    About NetWitness Corporation

    NetWitness' Corporation is the world leader in network forensics and automated threat intelligence solutions, helping government and commercial organizations discover, prioritize and remediate complex IT risks. NetWitness solutions concurrently solve a wide variety of information security problems including: advanced persistent threat management; sensitive data discovery and advanced data leakage detection; malware activity discovery; insider threat management; policy and controls verification and e-discovery. Originally developed for the US Intelligence Community, NetWitness has evolved to provide enterprises around the world with breakthrough methods of network content analysis and host-based risk discovery and prioritization. NetWitness customers include Defense, National Law Enforcement and Intelligence Agencies, Top US and European Banks, Critical Infrastructure, and Global 1000 organizations. NetWitness has offices in the U.S. and the U.K. and partners throughout North and South America Europe, the Middle East, and Asia.

    To download the freeware version of NetWitness Investigator, visit For more information about securing your entire organization with NetWitness NextGen, contact: [email protected]. Twitter handle: NetWitness

  • Editors' Choice
    Evan Schuman, Contributing Writer, Dark Reading
    Tara Seals, Managing Editor, News, Dark Reading
    Jeffrey Schwartz, Contributing Writer, Dark Reading