Network Forensics and Lawful Interception Total Solutions Provider

E-Detective LAN Internet Monitoring & Forensics Analysis System Solution for: • Auditing and Record

Wireless-Detective WLAN Analytics/Forensics/Legal Interception System • Support Wireless LAN 802. 11 a/b/g /n Scanning

E-Detective / Lawful Enforcement Management Facility • Major Functions: – As a lawful interception

Data Retention Management System (DRMS) is designed for viewing Backup ISO Data centrally from

E-Detective Decoding Centre v Designed for Off-line Packet Reconstruction v Multi-Users and Case Base

HTTPS/SSL Interceptor • Decrypting HTTPS/SSL Traffic • Operation Modes • Network Crack and Redirect

Vo. IP-Detective User may opt to purchase the complete Appliance (Hardware + Software) or

Forensics Investigation Toolkit Offline Raw Data Files (PCAP) Decoding and Reconstruction Tool Solution for:

Network Investigation Toolkit What are the capabilities of NIT? • • Interception of Ethernet

Network Packet Forensic Analysis Training v Introduction to Network Packet Forensic Analysis Training This

Cyber Crime Investigation Training v Introduction to Cyber Crime Investigation Training In order to

More Than 180 Internet Application Decoders Generic E-Mail Webmail Instant Message Web Page Web

About Decision Group Ø Established in 1986 with 25 year experience in IT industry.

Slides: 14

Download presentation

Network Forensics and Lawful Interception Total Solutions Provider E-Detective Wireless-Detective E-Detective Decoding Centre E-Detective LEMF Data Retention Management System HTTPS/SSL Interceptor Vo. IP Detective FIT (Forensics Investigation Toolkit) NIT (Network Investigation Toolkit) Network Packet Forensic Analysis Training Cyber Crime Investigation Training DECISION GROUP INC.

E-Detective LAN Internet Monitoring & Forensics Analysis System Solution for: • Auditing and Record Keeping with ISO 270001, SOX, HIPPA…etc • Internet Monitoring/Network Behavior Recording • Forensics Analysis and Investigation for LEA Most Advanced Device for Data Leakage Protection, Lawful Interception and Network Forensic DECISION GROUP INC.

Wireless-Detective WLAN Analytics/Forensics/Legal Interception System • Support Wireless LAN 802. 11 a/b/g /n Scanning & Packet Capturing • Automatically WEP Key Cracking (WPA Optional Module) • Decode and Reconstruct WLAN packets • Capture/Decode/Display are All-in-One Important Tool for Lawful Enforcement Agencies such as Police, Military, Forensics, and Enterprise Auditing and Legal Department. The Powerful Smallest Forensic Device in The World DECISION GROUP INC.

E-Detective / Lawful Enforcement Management Facility • Major Functions: – As a lawful interception system for parsing pcap file format or raw packet data stream frontend mediation platforms or broadband service routers – Decoding all data packets associated with protocol based on service port number and session – Saving un-decoded data into specified directory in pcap format – Output decoded data into database and associated multimedia files with XML description files in predefined way – Compliance with ETSI TS 101 671 and ETSI ES 201 671 High Performance Passive LI Platform compliance with ETSI Standard DECISION GROUP INC.

Data Retention Management System (DRMS) is designed for viewing Backup ISO Data centrally from multiple E-Detective Systems. Provides a User Friendly GUI. Easy to import (mount ISO) and view the Backup Content especially for large amount of Backup ISO Files. Capable to mount and view multiple Backup ISO Files at the same time. Works with E-Detective system for Auto FTP Backup function. Allow Auto Backup ISO File in E-Detective to be stored in Backup Server. Search and Advance Search functions provided to search into Backup ISO Content or specific Backup ISO Content. Easy Management of Backup ISO Files. Integration with 3 rd party data mining or link analysis system Large Volume Data Manipulation and Centralized Data Processing with 3 rd Party Analysis System DECISION GROUP INC.

E-Detective Decoding Centre v Designed for Off-line Packet Reconstruction v Multi-Users and Case Base Management Ø Administrator can create different project/case for different user/investigator to conduct Internet raw data parser and forensics analysis task on the system v Various Content of Internet Applications Decoding Ø Email (POP 3, SMTP, IMAP), Webmail (Yahoo Mail, Gmail, Hotmail etc. ) IM (Yahoo, MSN, ICQ, QQ, UT, IRC, Google Talk, Skype Voice Call Log), File Transfer (FTP, P 2 P), HTTP (Link, Content, Reconstruct, Upload/Download, Video Stream), Telnet, Online Games, Vo. IP, Webcam (Yahoo, MSN) Cutting-edge Offline Decoding Device DECISION GROUP INC.

HTTPS/SSL Interceptor • Decrypting HTTPS/SSL Traffic • Operation Modes • Network Crack and Redirect - Man in the Middle Attack • HTTP/HTTPS Proxy • Certificate Replacement by Customization (optional) To view encrypted content, a key is a needed The Powerful HTTPS/SSL Cracker for Network Interception DECISION GROUP INC.

Vo. IP-Detective User may opt to purchase the complete Appliance (Hardware + Software) or only purchase Software from us. User may use their own dedicated server for installing the software. • Capable to intercept and capture (through Mirror Mode or Tap Deployment), decode and reconstruct Vo. IP RTP sessions. • Supports voice calls of SIP and H. 323. • Supported CODECS: G. 711 -a law, G. 711 -u law, G. 729, G. 726 and ILBC. • Capable to play back the reconstructed Vo. IP sessions. The Appliance for Vo. IP Cracking System DECISION GROUP INC.

Forensics Investigation Toolkit Offline Raw Data Files (PCAP) Decoding and Reconstruction Tool Solution for: • Internet or Network Traffic Content Analysis (Network Administrator) • Auditing of Internet or Network Traffics (Network Administrator) • Network Forensics Analysis and Investigation (Government and LEA) Forensics Investigation Toolkit (FIT) is a Windows based Application Software suitable for all group of users to analyze and forensically investigate on the content of Internet/network raw data files captured. * Compatible with: The Powerful Forensic Analysis Tool on Windows System DECISION GROUP INC.

Network Investigation Toolkit What are the capabilities of NIT? • • Interception of Ethernet LAN traffic through mirror port (or by network tap). Interception of WLAN traffic (up to 4 different WLAN channels). Intercept ion of Ethernet LAN HTTPS/SSL traffic by MITM attack. Intercept ion of WLAN HTTPS/SSL traffic by MITM attack. Real-time raw data decoding and reconstruction. Offline raw data decoding and reconstruction. Forensics analysis and investigation. Solution for: Lawful Enforcement Agencies (Police Intelligence, Military Intelligence, National Security, Counter Terrorism, Cyber Security, Defense Ministry etc. Combine ED, WD and EDDC into one portable system for field LEA agents DECISION GROUP INC.

Network Packet Forensic Analysis Training v Introduction to Network Packet Forensic Analysis Training This 3 day course utilizes the knowledge of computer security concepts together with switched network topologies and gives students hands on practical exposure to critical knowledge base essential for network forensic investigations. v Courses include Introduction to Cyber Crime Investigation Process Study on Major Network Protocols Operation and Administration of E-Detective, Data Retention Management System, Vo. IP and HTTPS/SSL interception ü Practical Case Study and Drills ü ü ü DECISION GROUP INC.

Cyber Crime Investigation Training v Introduction to Cyber Crime Investigation Training In order to fight against rampaging cyber crimes in the world effectively, you better understand the nature of cyber crime, the legal procedure, and learn the lesson of real cases from experienced investigators and experts. In this course, experienced speakers will introduce common cyber criminal skill, how to take investigation, digital data analysis with practical case study. v Courses include ü Cyber Crime with Vo. IP and Telecom ü Cyber Crime with Internet Services ü Legal Processes with Cyber Crime Investigation ü Methodology of Data Analysis for Cyber Crime Investigation ü Weakness of Common IT Systems ü Workshop on Drills DECISION GROUP INC.

More Than 180 Internet Application Decoders Generic E-Mail Webmail Instant Message Web Page Web FTP Web Video File Transfer Telnet Asia On-Line Game Vo. IP Social Network Service Mobile online applications POP 3, IMAP, SMTP GMail, Yahoo, Hotmail, … more than 21 webmail MSN, Google. Talk, ICQ, … more than 8 IM Web Link, Content and Request Upload/Download You. Tube, Google. Video … FTP, P 2 P, … more than 20 service BBS Playback is available More than 81 game SIP, H. 323 (G. 711, G. 729, ILIBC) Facebook, Twitter, Plurk … iphone, Android … DECISION GROUP INC.

About Decision Group Ø Established in 1986 with 25 year experience in IT industry. Ø Strong R&D Capability : 54 Software and Hardware engineers with 5 Ph. D. 10 Master Degrees Ø Offices: Taiwan, Singapore, China, Canada, Germany, Japan, Zimbabwe, Hong Kong Worldwide Business Partnership with ① OEM/ODM Partners – LI Solution Provider, DPI Solution Provider, Network Solution Provider, Security Solution Partner ② SI Channels – Network Service Partner, System Service Partner, Telecom Service Partner, Security Service Partner ③ Alliances – Consulting Firms, Legal Firms, Training Centers, LEA • • • Address : 4/F No. 31, Alley 4, Lane 36, Sec. 5, Ming-Shen East Road Taipei, Taiwan, R. O. C. Phone No : +886 2 2766 5753 Fax No : +886 2 2766 5702 E-Mail : decision@decision. com. tw URL : www. edecision 4 u. com DECISION GROUP INC.