asked on VM Forensics
In our test/dev lab we are running vSPhere 6.0, 6.5 and 6.7 on different platforms.
We are looking into how to perform forensics on VMs (OVFs, Snapshots, etc.) off line.
Does anyone know of any products in the VMware portfolio or partner products that may be a good option for this use case?
We are looking into how to perform forensics on VMs (OVFs, Snapshots, etc.) off line.
Does anyone know of any products in the VMware portfolio or partner products that may be a good option for this use case?
Digital ForensicsVMwareSecurity
Last Comment
Stan J
Forensics on a virtual disk is exactly the same as with a physical disk.
It's actually a bit easier since it's already a file that you can more easily "clone" and back up without having to pull out disks.
ASKER
thanks,,,can you provide examples or tools on the best approach to do the forensics
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Encase and FTK are common.
ASKER
thanks for these tips....
We use Veeam and have VAS.
The Enterprise and Enterprise Plus options provide a tool called DataLabs (sandbox) that also may be used in conjunction with tools
We use Veeam and have VAS.
The Enterprise and Enterprise Plus options provide a tool called DataLabs (sandbox) that also may be used in conjunction with tools