Extending your Investigative reach

Similar documents
CLOUD FORENSICS WITH F-RESPONSE

StoneGate Firewall/VPN How-To Evaluating StoneGate FW/VPN in VMware Workstation

Windows Embedded Security and Surveillance Solutions

Virtualization of CBORD Odyssey PCS and Micros 3700 servers. The CBORD Group, Inc. January 13, 2007

Five Reasons to Take Your Virtualization Environment to a New Level

Optimizing Virtualization Management with Automated Application Discovery

Proven LANDesk Solutions

Best Practices: Implementing Large Scale Collections with F- Response

VMware Cloud Automation Design and Deploy IaaS Service

Intel Storage System SSR212CC Enclosure Management Software Installation Guide For Red Hat* Enterprise Linux

W H I T E P A P E R. VMware Software Lifecycle Automation Solutions

VMware Performance and Capacity Management Accelerator Service

CISCO UNIFIED COMMUNICATIONS FOR MIDSIZE DATA CENTERS ON VBLOCK SYSTEM 200

How to Use a LAMP Stack on vcloud for Optimal PHP Application Performance. A VMware Cloud Evaluation Reference Document

SmoothWall Virtual Appliance

Upgrading Horizon Workspace

VMware vsphere Data Protection 5.8 TECHNICAL OVERVIEW REVISED AUGUST 2014

VMware Solutions for Small and Midsize Business

VMware vsphere Data Protection 6.0

Using Microsoft RemoteFX USB Redirection to forward an F-Response Dongle

RSA Security Analytics Virtual Appliance Setup Guide

How to Create a Simple Content Management Solution with Joomla! in a vcloud Environment. A VMware Cloud Evaluation Reference Document

Veeam Task Manager for Hyper-V

How to Create an Enterprise Content Management Solution Based on Alfresco in a vcloud Environment. A VMware Cloud Evaluation Reference Document

How to Create a Flexible CRM Solution Based on SugarCRM in a vcloud Environment. A VMware Cloud Evaluation Reference Document

WHITE PAPER. Understanding Transporter Concepts

Lenovo Partner Pack for System Center Operations Manager

Releasing High Quality Applications More Quickly with vrealize Code Stream

The BYOD Opportunity. Say Yes to Device Diversity and Enable New Ways to Drive Productivity WHITE PAPER

VMware Horizon FLEX 1.5 WHITE PAPER

VMware vcloud Powered Services

Oracle Database Solutions on VMware High Availability. Business Continuance of SAP Solutions on Vmware vsphere

How to Create a Multi-user Content Management Platform with Drupal in a vcloud Environment. A VMware Cloud Evaluation Reference Document

The ECHO - Cisco Connection ECHO, and how it interacts with Cisco's CallManager

What are your firm s plans to adopt x86 server virtualization? Not interested

Your Mission: Use F-Response Now to connect to remote computers and devices over the Internet

VMware Virtual Desktop Manager User Authentication Guide

Designing & Managing Reliable IT Services

Mobile Secure Desktop Maximum Scalability, Security and Availability for View with F5 Networks HOW-TO GUIDE

MobiKEY. Virtual Desktop Infrastructure (VDI) Integration. September 2012

Managed Security Service Providers vs. SIEM Product Solutions

Utilizing LDAP for User Profile and Corporate Structure Integration

PANORAMA. Panorama provides centralized policy and device management over a network of Palo Alto Networks next-generation firewalls.

Esri ArcGIS Server 10 for VMware Infrastructure

Oracle Databases on VMware High Availability

VMware vsphere Data Protection Evaluation Guide REVISED APRIL 2015

NETGEAR ReadyRECOVER Offsite Data Protection: Replication Overview and Configuration Guide

Introduction to VMware vsphere Data Protection TECHNICAL WHITE PAPER

MobiKEY TM with TruOFFICE

Building Private & Hybrid Cloud Solutions

VMware Horizon FLEX Solution Brief

Business Process Desktop

VMware vcloud Networking and Security

Virtualizing the Desktop with ScriptLogic Desktop Authority

An Oracle White Paper August Higher Security, Greater Access with Oracle Desktop Virtualization

Scalability in Log Management

How To Control Vcloud Air From A Microsoft Vcloud (Vcloud)

VMware Horizon FLEX User Guide

VMware vcloud Air Security TECHNICAL WHITE PAPER

Relax...Arrow has it covered

W H I T E P A P E R. Understanding VMware Consolidated Backup

CA ARCserve Replication and High Availability Deployment Options for Hyper-V

Operations Management for Virtual and Cloud Infrastructures: A Best Practices Guide

Foglight. Foglight for Virtualization, Free Edition Installation and Configuration Guide

Managing Remote Access

MTP. MTP AirWatch Integration Guide. Release 1.0

Combining Onsite and Cloud Backup

Configuration Maximums VMware Infrastructure 3

Virtual Machine Environments: Data Protection and Recovery Solutions

Virtual Machine Encryption Basics

VMware View 4 with PCoIP I N F O R M AT I O N G U I D E

IBM Data Security Services for endpoint data protection endpoint data loss prevention solution

VMware Horizon FLEX User Guide

8 Solutions Designed To Optimize The Data Center The Power of OS Portability

How To Use Ibm Tivoli Monitoring Software

VMware vcloud Networking and Security Overview

Addressing Microsoft Windows 7 Deployments with VMware Mirage WHITE PAPER

How Virtualization Complements ShoreTel s Highly Reliable Distributed

Symantec Backup Exec System Recovery

firemon Powering Proactive Security Appliance Features: Meet the Family Quick initial setup Hardened O/S

DeltaV Virtualization

Expert Reference Series of White Papers. Understanding Data Centers and Cloud Computing

Desktops in the Cloud

What s New in VMware vsphere Flash Read Cache TECHNICAL MARKETING DOCUMENTATION

Installing and Configuring vcenter Multi-Hypervisor Manager

Securing Cloud Computing by GED-i

Symantec Backup Exec.cloud

Configuration Management in the Data Center

Communications Server for Linux

New Value for Managed Service Providers: Extending Out of Band Remote Management to Servers

Virtualized Security: The Next Generation of Consolidation

Configuring Multiple ACE Management Servers VMware ACE 2.0

Solving the Desktop Dilemma

Getting Started with ESXi Embedded

QRadar Security Intelligence Platform Appliances

W H I T E P A P E R. Optimized Backup and Recovery for VMware Infrastructure with EMC Avamar

Top 10 Reasons to Virtualize VMware Zimbra Collaboration Server with VMware vsphere. white PAPER

FlexPod Datacenter with Microsoft Private Cloud Excels in Price-to-Performance Comparison

Datasheet FUJITSU Software Systemwalker Software Configuration Manager V15

Transcription:

F-Response Extending your Investigative reach LEVERAGING SIMPLE SOFTWARE AND TECHNOLOGIES TO CREATE A GLOBAL REACHING COMPUTER FORENSICS, INCIDENT RESPONSE, AND E-DISCOVERY CONSULTING PRACTICE. F-Response is a Registered Trademark of Agile Risk Management LLC. For more information on F-Response, or any of part of the solution presented in this paper please contact us on the web at www.f-response.com. January 19, 2016

Table of Contents Challenge... 3 Solution... 4 Prerequisites... 5 Summary... 6 Legal Notices... 7-2 -

Challenge In a challenging economic climate it is critical to look for new and innovative ways to expand your client base, gain recurring business opportunities, and optimize your cost structure. Let s look at each one of these issues: Client Base Depending on your existing location, your local market may or may not be capable of providing sufficient growth opportunities, let alone provide sustainable revenue during a soft economy. However, many geographic regions in the US and abroad are experiencing economic growth and prosperity; the challenge is how to access those markets without relocating, either permanently or through traveling engagements. Recurring Business Computer forensics, incident response, and e-discovery all are challenged when it comes to creating sustainable recurring business at existing clients. As all three business models are driven by on-demand work it is often difficult, if not impossible to forecast future opportunities, or expand your current staff without a considerable amount of risk. Again the challenge is to level the volatile nature of these businesses to provide a more stable revenue stream. Cost Structure Staff salaries, software, hardware, and travel all reduce net profit at the completion of a client engagement. The challenge is to reduce these costs while still delivering quality, on-demand, and well conceived services to end clients. - 3 -

Solution Using existing software technologies and potentially commodity class hardware resources it is possible to deliver a complete onsite solution to end customers anywhere in the world, on demand, and with minimal preparation. The solution hinges on being able to leverage USB forwarding technology to shift your existing dongle based software licenses to a remote virtual machine running within the customer s IT environment. In order to accomplish this we recommend using KernelPro s USB-Over-Ethernet ( USBoE ) software product. USBoE allows remote examiners (aka Consultants) connected via VPN to forward their physical software license dongles to the remote client side virtual examiner appliance; the appliance being any computer configured on the remote side for use by the examiner. Once connected to the virtual appliance the remote examiner can then deploy F-Response to one or more remote targets, and begin leveraging one or more remotely installed computer forensics, e-discovery, or incident response applications. Locally attached storage may be used at the client site to retain images, exported data, and hold generated client reports. Subjects Under Investigation Consultants with USB License Dongles Virtual Private Network Remote Investigation Appliance (RIA) Images and Exported Data Client Reports - 4 -

Prerequisites Software Required: KernelPro (www.usb-over-ethernet.com) USB-OVER-ETHERNET USB-Over-Ethernet provides USB device forwarding to remote machines. In essence USB hardware dongles, such as those used by F-Response and other Computer Forensic software manufacturers can be forwarded to a remote virtual or physical workstation at the client location. F-Response (www.f-response.com) F-RESPONSE ENTERPRISE OR CONSULTANT + COVERT EDITION F-Response Consultant + Covert or Enterprise provide direct, read-only access to remote computers at the client site. Using F-Response you can attach to remote machines from within the client environment and access physical disks, logical volumes, and physical memory in real-time. Forensic/Incident Response/E-Discovery Tools VMWare (www.vmware.com) [OPTIONAL] VMWARE PLAYER + VIRTUAL APPLIANCE (WINDOWS OS LICENSE) VMware Player along with a custom Virtual Appliance allows the customer to deploy a virtual examiner machine tailored to your needs quickly and efficiently. Hardware[OPTIONAL] A remote computer is required, either physical or virtual. A Commodity Class 1U Rack mounted Server or equivalent may be used, as can almost any client provided hardware (including a laptop, for example). A sufficiently large storage device, used to store evidence, images, collected files, etc. - 5 -

Summary A simple investment in existing software technologies makes it possible to deliver exceptional onsite services without a physical onsite examiner. In summary the solution proposed provides the following benefits when adopted: Improved client base and visibility This new services delivery model extends the existing customer base to include geographic regions typically outside of the existing local area. Enhanced Opportunities for recurring revenue With an always available onsite presence opportunities to provide virtual onsite services will increase, in addition value add recurring services can now be considered by the client with little additional overhead. For example, random subject investigations, based on the concept of a physical drug test, a preliminary investigation could be administered on random subject computers on a periodic basis. Reduced Cost Structure Removing the need to travel will result in a higher profit margin, will provide the flexibility to bring expert consulting skills to bear on multiple clients sites during the same work period, and will provide added value to the client by significantly reducing response times. - 6 -

Legal Notices Copyright Copyright 2016 Agile Risk Management, LLC. All rights reserved. This document is protected by copyright with all rights reserved. Trademarks F-Response is a trademark of Agile Risk Management, LLC. All other product names or logos mentioned herein are used for identification purposes only, and are the trademarks of their respective owners. Statement of Rights Agile Risk Management, LLC products incorporate technology that is protected by U.S. patent and other intellectual property (IP) rights owned by Agile Risk Management LLC, and other rights owners. Disclaimer While Agile Risk Management LLC has committed its best efforts to providing accurate information in this document, we assume no responsibility for any inaccuracies that may be contained herein, and we reserve the right to make changes to this document without notice. - 7 -

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information