


E-Detective - Real-Time Network Forensics and Lawful Interception System

E-Detective is a real-time Internet interception, monitoring and forensics system that captures, decodes, and reconstructs various types of Internet traffic. It is commonly used for organizational Internet behavior monitoring, auditing, record keeping, forensic analysis, and investigation, as well as for lawful interception by law enforcement agencies such as Police Intelligence, Military Intelligence, Cyber Security Departments, National Security Agencies, Criminal Investigation Agencies, Counter Terrorism Agencies, etc. It can also provide a compliance solution for many standards or acts such as the Sarbanes-Oxley Act (SOX), HIPAA, GLBA, SEC, NASD, E-Discovery and many others.

E-Detective is capable of decoding, reassembling, and reconstructing various Internet applications and services such as Email (POP3, IMAP and SMTP), Webmail (Yahoo Mail, Windows Live Hotmail, Gmail, etc.), Instant Messaging (Yahoo, MSN, ICQ, QQ, Google Talk, IRC, UT Chat Room, Skype), File Transfer (FTP, P2P), Online Games, Telnet, HTTP (Link, Content, Reconstruct, Upload and Download, Video Streaming), VoIP (optional module), etc.

E-Detective comes with a wide variety of management and administrative functions and features. It provides the user with various types of reports with Up-Down View. Reports that can be created include the Total Throughput Statistical Report, Network Service Report (daily or weekly basis), Top Websites, etc. All statistics can be displayed on a per-IP-address or per-user-account basis.

E-Detective also provides a variety of search functions: Free Text Search (search by keywords with Boolean support), Conditional Search, Similar Search, and Association with Relationship Search. It also comes with Alert and Notification functions (Throughput, Conditional and Keyword Alerts) that allow the network administrator to set up different alert rules and parameters. An alert is triggered (an email is sent to the administrator) once the specified content is found in the captured and reconstructed content.

The Backup function allows a user to back up the captured raw data files or reconstructed contents. The user can set up automatic backup to copy these files to external drives (NAS or SAN) by FTP upload. Alternatively, the user can back up these files manually by burning them onto a CD/DVD or downloading them to a local hard drive/PC.

Other functions available are: Bookmark, Capture File List (comparing the content of two files), Online IP List, Authority Assignment, Syslog Server, etc. Other functions include hashed export (backup), file content comparison, etc.


Diagram 1: E-Detective Mirror Mode Implementation - Organization Internet Interception


Diagram 2: E-Detective Telco ISP Lawful and Mass Internet Interception



Models: FX-06, FX-30N, FX-100, FX-120
Leading Forensics Technology at a Glance

Our solutions:
  1. Scientifically proven techniques for Internet Interception, Information Security and Network Forensics
  2. Captures, decodes and reconstructs Internet traffic in real time
  3. Reconstructs more than 140 Internet protocols
  4. Wide variety of management and administrative functions
  5. Provides the search functions you need
  6. Backup or export to an external drive
  7. Bookmark, Capture File List, and other useful functions

More than 6000 installed worldwide.

Partners and Customers
  1. Acer
  2. Planex Communications Inc
  3. Singapore Technologies Engineering Ltd
  4. Pioneer
  5. Tatung Co
  6. Hewlett-Packard
  7. NEC
  8. Taiwan Stock Exchange Corporation

© Copyright Decision Group(