Guidance Software EnCase Review

It is used as a forensic tool and End point Security that takes an image, extracts the data and then analyzes the keyword search besides providing Security for the Enterprise network.


What is our primary use case?

My primary use case for this solution is as a forensic tool that is taking an image, extracting the data and then analyzing the keyword search. Currently working on Endpoint Security Encase SAFE for monitoring the nodes / machines.

How has it helped my organization?

Using Encase we are able to implement security and also Forensics.

What is most valuable?

Pathways, SweepEnterprise and EnScripts. In near future eventually go for EnCase mobiles.These provide maximum ease to work as per work and situation.In the scenarios we have, we try to use extraction of data that would be based on extensions. We also go for an answer based on the keyword search. 

What needs improvement?

SweepEnterprise where the limit is up to 5 machines to scan. Customised Report that can be obtained as per the user requirement. Like it should omit duplicate machines, able to Filter old machines w.r.t the new one and provide New scannes machines status.We have come across problems with the end-case. We could not find an email discovery type of module and there was not flexibility with the email. So, the moment we came across a  parameter or something like that we had to either extract those extensions and then again go for another rule that can be further extracted to a readable format like Outlook. If this was included, we would find this a more useful solution.

Secondly, is getting the key word search option. If you go, there are legal options, it's like a deal for file extensions. Every time we have to repeat the process and it is repetitive. Whereas, if you can get research that can be categorized by default based only by an extensions that would be a benefit. 

Also, if we can also add the timely matched signature that it would be helpful.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

It was quite stable for me. I have not come across bugs.

What do I think about the scalability of the solution?

In terms of the scalability, I found that it depends upon the size and the contribution of the system that you are using. We did have some issues with adding more cases simultaneously.

How are customer service and technical support?

We have not used tech support.

If you previously used a different solution, which one did you use and why did you switch?

It is the same Encase using with different version. Came up with Enscript Snapshot to use in order to overcome the limit of scannig of 5 machines / nodes (SweepEnterprise) to 》200 machines. 

How was the initial setup?

Waiting for new release

What about the implementation team?

Suprised that opentext could not responded quickly when the client seek help in this regard i.e limitation of scanning nodes.

What's my experience with pricing, setup cost, and licensing?

We have a license. And, we found the cost high. We contacted them and talked to them about the ratio of the US dollar versus the Indian rupee and then we came to a solution.

Which other solutions did I evaluate?

I am not sure what the client has done regarding this.

What other advice do I have?

The same Snapshot EnScript is informed to Opentex where the are going to include in 8.08 release or higher version

Disclosure: I am a real user, and this review is based on my own experience and opinions.
1 Comment
Om SalamkayalaReal UserTOP 10LEADERBOARD

Please do add that 6.1 version is very friendly than the 8.1 version. If user friendly version of 6.1 can be combined with the latest version will be more appreciable including the e-discovery for mail analysis, mobile analysis and extraction.

10 November 18
Guest
Sign Up with Email