AD eDiscovery®/Enterprise Appliance

AD eDiscovery®/Enterprise Appliance
The Combined Power of E-Discovery, Enterprise
Investigation and Incident Response (IR)
Synergistically combining e-discovery, enterprise forensic investigation and
incident response (IR) into a single appliance solution allows easy deployment,
cross-functional collaboration, and rapid results. Our end-to-end e-discovery
solution lets teams efficiently conduct enterprise-wide search, targeted collection,
systemized preservation, legal hold, data processing and assessment, and complete
legal review. Investigative teams can perform enterprise wide investigations to
enforce compliance and remediate damage by scanning thousands of endpoints for
unapproved processes and, where applicable, kill specific processes and initiate
batch remediation on either a single machine or multiple endpoints across your
entire infrastructure. In addition, security operation teams can proactively detect
threats that have circumvented the typical signature-based tools, such as antivirus,
intrusion detection and other alerting systems.
Available Options
This offering is available in several user and capacity options to suit any
organization’s needs. AccessData covers all updates and patching to the software.
Available configurations are as follows:
TIER 1 SMALL CORPORATION
Hardware, application software, 1 site server license, 5,000 endpoint
collectors, 2 structured data connectors (Microsoft® Exchange &
Microsoft SharePoint®), 5 web-based user accounts and 1TB of annual
processing throughput provided.
TIER 2
MIDSIZE CORPORATION
Hardware, application software, 2 site server licenses, 15,000 endpoint
collectors, 2 structured data connectors (Microsoft Exchange &
Microsoft SharePoint), 10 web-based user accounts and 2TB of annual
processing throughput provided.
TIER 3 L ARGE CORPORATION
Hardware, application software, 3 site server licenses, 25,000 endpoint
collectors, 2 structured data connectors (Microsoft Exchange &
Microsoft SharePoint), 25 web-based user accounts and 5TB of annual
processing throughput provided.
Support and Services
Each appliance offering includes access to our telephone and online support.
Remote implementation and knowledge transfer support can be added at time of
purchase. Support and service hours can be purchased on an hourly basis to be
used for consultation, help with migration of data, SQL setup/maintenance, or
upgrade support.
Ask About Our Training Options
Available training packages include in-person custom training, Live On-Line
(LOT) classes and access to our online on-demand Learning Management System
(LMS) library of training and written materials for all courses.
Appliance Highlights
• End-to-end e-discovery. Legal hold,
collection, data processing, ECA and final
review—all within a single solution.
• Full or targeted collection, on or off
the network. Collect data using complex
filtering techniques based on content,
data, owner, custodian and data type with
Boolean logic.
• Collect evidence without manual
investigation. Forensically preserve ESI
from all data sources, including email
systems, more than 30 commercial data
repositories, shared drives, laptops,
desktops, servers and cloud sources,
such as Google Drive™ and Office 365™.
• Full-featured legal hold. Automated
documentation, notification, escalation
and extensive reporting with a graphic
hold and custodian status dashboard
that can synchronize with management
databases.
• See everything. Achieve visibility into
all data across your enterprise, enabling
you to detect, identify, analyze, report
and forensically preserve data, as well as
remediate security issues.
• Identify and kill unapproved processes.
Mitigate risk by wiping sensitive data
or killing unauthorized processes from
remote endpoints.
• Analyze, assess and remediate all
affected nodes and computers from a
central location. Proactively or reactively
scan thousands of endpoints to identify
rogue processes (even those that are
hidden) and anomalous activity.
• Identify rogue processes. Perform
differential analysis on volatile data to
identify changes over time and uncover
potential threats.
Savings from a single case involving
10 custodians and 100 GB of ESI
can reach $80,000.
Secure Your Enterprise
AD Enterprise is designed to eradicate threats
no matter where they come from.
Hacking. Scan several machines at once to
determine the scope of a breach and perform
root analysis.
Compromised Data. Create a threat profile and
execute an audit to identify all contaminated machines.
EXTERNAL THREATS
Malware. Scan across the entire network for
unknown and known malicious processes and DLLs.
IDS Alerts. See network or system IDS alerts on
suspicious inbound and outbound network activity.
Content Monitoring Alerts. Correlate user activity
with content monitoring alerts and forensically
preserve relevant data.
IP Theft. Conduct quick, thorough investigations of
multiple individuals with a focus on user files and email.
INTERNAL THREATS
Computer Usage Violations. Scan the network for
unapproved processes and preview drives to determine
if computer usage violations have occurred.
Employee Malfeasance. Execute large-scale forensic
investigations in stealth to verify whether malicious
activity has occurred.
Govern Your Enterprise
AD eDiscovery® is designed to tackle the most
advanced e-discovery challenges.
Produce responsive-only documents and email in native
format or an AD1 forensic archive, organized by custodian
or as a single instance.
User-friendly web interface with native file review allows
collaborative, first-pass review prior to production.
ANALYSIS/
FIRST-PASS REVIEW
5.
Generate load files for export to popular third-party
review tools, including Concordance®, EDRM XML,
Summation®, iCONECT® and Introspect™.
PRODUCTION
Rolling production support enables batch
production.
6.
Process data as you collect, while
maintaining complete chain of custody.
Automatically identify and categorize
data, including encrypted files.
Deduplicate email and ESI across the
matter or for a specific custodian.
4.
WORKFLOW
u
1.
PROCESSING/
DEDUPLICATION
3.
Forensically collect from workstations,
laptops, network shares, email servers,
databases and 30+ structured data
repositories, such as SharePoint, Symantec
Enterprise Vault™ and Documentum®.
Perform incremental collections to only collect data
that has changed from a previous collection.
PRESERVATION &
COLLECTION
Reuse previously executed collections and associate them
with multiple matters.
Thoroughly audit for and identify
electronically stored information (ESI)
that falls outside your records retention
policies.
INFORMATION
RETENTION
ENFORCEMENT
Flag non-compliant files and log their
locations.
2.
IDENTIFICATION/
EARLY CASE
ASSESSMENT
See what the results of a search will be
before you actually begin to collect.
Determine where potentially relevant data lives
and categorize it by data type, volume and location.
AccessData and other AccessData products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of AccessData Group. All other product
and service names mentioned are the trademarks of their respective companies. © AccessData Group, 2015. All Rights Reserved.
GLOBAL HEADQUARTERS
+1 801 377 5410
588 West 300 South
Lindon, Utah
USA
NORTH AMERICAN SALES
+1 800 574 5199
Fax: +1 801 765 4370
sales@accessdata.com
INTERNATIONAL SALES
+44 20 7010 7800
internationalsales@accessdata.com