Advanced vs. Basic Forensic Analysis

Advanced Forensic Analysis has all the features of Basic Forensic Analysis plus some very powerful enhancements.

Administrators can view the activity of a suspect device over a period of months and drill down to minute-by-minute detail of wireless activity. Records are kept over a long period of time so that administrators can review events months later to improve network security posture, assist in forensic investigations, and ensure policy compliance. These records can be used to provide evidence that an attacker has made repeated attempts to break into the wireless network and to determine where the attack was launched.

See the following table for a comparison of the features that are available with Basic vs. Advanced Forensics.

Table 1. Advanced vs. Basic Forensic Analysis
| Basic Forensic Analysis | Advanced Forensic Analysis |
| --- | --- |
| Forensic data is available only for BSS and Wireless Client devices. | Forensic data is available for the entire system, a single network level, or a single sensor (Scope Based only). |
| No Location data is available. | Location data is available and the Location Analysis tab is activated (Device Based only). |
| No Graphical views of data analysis are available. | Graphical views of data analysis are available in all tabs. |
| Data is displayed only in 24-hour increments. You cannot configure a different time period, but you can choose any 24-hour period that you want. | You can select a time frame longer than 24 hours to display data. |
| Only the selected 24-hour time period is displayed; you cannot adjust the time window using sliders. | You can adjust the time window using sliders. |
| No data filters are available. | Data filters are enabled. |

Advanced Forensic Analysis stores and manages 325 data points every minute for each wireless device on a network. This feature provides administrators with more insight into wireless LAN performance and specific wireless device activity. Trends in network usage can easily be visualized to assist in performance troubleshooting such as identification of abnormal usage and capacity planning. There are two categories of Advanced Forensic Analysis: