Network Associates this week announced an appliance that captures and stores traffic content crossing any gigabit-speed network segment, storing it for later review and analysis in the event of a suspected security incident.SANTA CLARA -\u00a0Network Associates\u00a0this week announced an appliance that captures and stores traffic content crossing any gigabit-speed network segment, storing it for later review and analysis in the event of a suspected security incident.InfiniStream Security Forensics is a Linux-based security product that is intended as a way to retrieve data content, such as e-mail, after an intrusion-detection system has alerted the customer of a potential problem. InfiniStream is in limited release, with a dozen or so customers. General availability is expected in the third quarter through NAI's Sniffer Technologies division.InfiniStream will compete against security forensics tools from\u00a0Niksun,\u00a0SilentRunner\u00a0and\u00a0Vericept, according to security analysts. It consists of a 2.8-terabyte RAID storage appliance and Windows-based software for mining the stored data, and is expected to appeal primarily to organizations with high traffic volume."This is for folks who want to dive deep into the packets in their network and get to some of the security-related aspects of it," says Pete Lindstrom, analyst at consultancy Spire Security. "For instance, it can do re-assembly of Web pages and replay them. But there is no alerting capability. You have to know to go to it for some reason."NAI hopes customers will use InfiniStream to investigate security issues to which they've been alerted by NAI management tools, such as the Network Performance Orchestrator for Sniffer packet-analysis and intrusion-detection products, or the McAfee division's ePolicy Orchestrator for Symantec and McAfee antivirus reporting and alerts.InfiniStream stores all content across an internal network segment up to gigabit speed and allows for a replay of network activity based on several variables, such as time sequence, IP address and ports. It can export content to the Sniffer Distributed protocol analysis product for examination.So far, NAI has not been a contender in the security forensics market, Lindstrom says. But by buying Traxess last summer for its DragNet product, NAI made it clear it would be competing this year for a foothold. Although InfiniStream still has to make it through customer beta trials, NAI could be selling it to its installed base of 700,000 Sniffer customers this fall.The product is priced at $85,000.