Real World Email with Nuix and F-Response

Aug 18, 2009

Let's talk about a typical real-world scenario in the data collection / E-Discovery market: email collection, analysis, and production.

In our example scenario we have a Microsoft Exchange Server (Version 2003) whose post office file contents must be collected, indexed, and reviewed. However, for whatever reason, the organization has stipulated that the Microsoft Exchange Server must not go offline.

To solve this problem we've selected F-Response Enterprise and Nuix Desktop.

F-Response (any version) will allow the investigator to access the full physical disks of the remote machine in real time, effectively removing the barriers to performing analysis on the Exchange Server EDB file email data.

Our analysis tool of choice for this example is Nuix Desktop. Let's take a moment to talk about Nuix Desktop and the Nuix company (from their website):

"Nuix Desktop gives investigators the ability to complete more investigations, more quickly and with greater accuracy than ever before. Nuix's software simplifies, automates and dramatically speeds up the ability to find crucial evidence and graphically demonstrate what really happened. The result is reduced costs, faster output and increased quality control.

Offering the fastest and most comprehensive set of searching techniques, Nuix provides impactful graphic displays that show clearly who communicated what, to whom, and when. Unlike other forensic/analysis tools, Nuix's software is simple and intuitive to use, even for the largest and most complex tasks.

Evidence can be exported into a variety of formats including Native, PDF, Tiff or HTML. A Report Summary is provided, enabling the investigator to tie all evidence together as well as highlight all the key metadata items and investigator comments and classifications. Graphics can be exported into a number of formats for later display or enhancement.

Nuix was created in 2000 and has invested the last eight years in developing and refining the world's most advanced email and data forensics software."

In our video you'll see Nuix Desktop indexing a live Microsoft Exchange Email Server EDB file.  Indexing is an operation best done on a static image or copy of the EDB email data, but what this video shows is that Nuix Desktop is clearly capable of indexing an image or copy of a live running Microsoft Exchange server's EDB file via F-Response.  We would normally recommend that you image the EDB file and run Nuix against the static image, but we really wanted to push the envelope with our demonstration.

Overall I was and continue to be very impressed with Nuix Desktop. As you will see in our video, it's able to handle a "live" or "not closed" Microsoft Exchange EDB file store, something that not all email analysis tools can do, plus its impressive graphical interface and feature set clearly make it worthy of consideration.

As always, if you have additional questions about F-Response, please contact us directly. If you would like to know more about Nuix or request a live demonstration, please contact them here.

Please use the full screen option when viewing the video. 

Thanks and enjoy!

Warmest Regards,

M. Shannon

Founder, F-Response

January 28, 2009