Has your agency upg...
 
Notifications
Clear all

Has your agency upgraded to EnCase V7?  

Page 2 / 3
  RSS
MrKameren
(@mrkameren)
New Member

Guidance is doing a great job receiving input to improve V7 and make it more user friendly. V7 does have a way to go before it's reached it's potential. Currently in our lab we're using both V6 or V7 dependent on the case details.

ReplyQuote
Posted : 06/01/2012 4:11 am
yunus
(@yunus)
Active Member

Yes we have upgraded to 7, but we came to conclusion that it is not worth upgrading. They have taken many useful features out. For instance, You can not filter deleted files practically as you were able to do with a single click. You pay for ugrade and you get less than what you have got before.

Is that fair?

ReplyQuote
Posted : 06/01/2012 11:00 pm
ForensicRanger
(@forensicranger)
Active Member

We have not upgraded to V7 given that is was released prematurely… perhaps equate it with Microsoft's release of Vista v Windows 7. We had GS come to our office and they gave us the pitch on v7, and many questions were asked by those who attended - particularly as to why some features were removed and why others were cumbersome to find.

Once v7 is -ready-, we'll do the switch, but until such a time, 6.19 remains.

I did not vote as the option I would have chosen (same as minime's) is not available.

ReplyQuote
Posted : 10/01/2012 11:36 pm
zhaan
(@zhaan)
Member

Guidance is doing a great job receiving input to improve V7 and make it more user friendly. V7 does have a way to go before it's reached it's potential. Currently in our lab we're using both V6 or V7 dependent on the case details.

That will be a first on both counts!

ReplyQuote
Posted : 11/01/2012 5:48 pm
shep47
(@shep47)
Member

Yes and No.

Still using EnCase v6 for its EnScript support (especially the hat full provided by James Crabtree).

Happy with the EnCase v7 processing of BB, iPad (et al) and 'out of the box' Safeboot support (we never had the extra modules for v6). Not happy with the evidence processing (never had time to let it finish!)

Shep

ReplyQuote
Posted : 11/01/2012 10:00 pm
chroberts39
(@chroberts39)
New Member

Personally, I use EnCase 6.18.?? because I run C4All against most jobs. I do not have an alternative in v7 and certainly do not relish wading through huge amounts of IIOC any other way unless I can avoid it. The above point is not entirely Guidance's fault but nevertheless, v6.18 it is for me.

ReplyQuote
Posted : 13/01/2012 3:10 am
pbeardmore
(@pbeardmore)
Active Member

the software market is a funny place. If I was hiring a car and I entered the car park of the hire company and I had the choice of a brand new BMW or a 2 year old car, I (and most people) would choose the brand new model.
But here we have an example where 65% (in my experince this is pretty representative of the industry) are choosing the older model.
Yes, I know the car market is different from software but the principle is the same.
An upgrade is meant to be just that.

ReplyQuote
Posted : 13/01/2012 3:35 pm
zhaan
(@zhaan)
Member

the software market is a funny place. If I was hiring a car and I entered the car park of the hire company and I had the choice of a brand new BMW or a 2 year old car, I (and most people) would choose the brand new model.
But here we have an example where 65% (in my experince this is pretty representative of the industry) are choosing the older model.
Yes, I know the car market is different from software but the principle is the same.
An upgrade is meant to be just that.

Not wanting to be argumentative but is this an upgrade or a new beginning? From my limited use of the v7 BETA and preview, its very different, so much so that v6 knowledge only seems useful for its terminology rather than for the location of specific tasks and processes.

For me, this could give that last nudge to another product, stick with v6 but instead of going to v7, try a different flavour?

ReplyQuote
Posted : 13/01/2012 3:40 pm
brede
(@brede)
Member

We are using version 6 still. One license of 7 is uhandy for fast spartphones analysis and also for its included modules.

ReplyQuote
Posted : 13/01/2012 4:54 pm
pbeardmore
(@pbeardmore)
Active Member

No problem, I was using the word upgrade in the plain English context ie its meant to be better than the previous product, therefore, it would be a no brainer not to use it, especially when you have paid for it. In the same way that it would be a no brainer to drive the latest BMW rather the last model.

the software market is a funny place. If I was hiring a car and I entered the car park of the hire company and I had the choice of a brand new BMW or a 2 year old car, I (and most people) would choose the brand new model.
But here we have an example where 65% (in my experince this is pretty representative of the industry) are choosing the older model.
Yes, I know the car market is different from software but the principle is the same.
An upgrade is meant to be just that.

Not wanting to be argumentative but is this an upgrade or a new beginning? From my limited use of the v7 BETA and preview, its very different, so much so that v6 knowledge only seems useful for its terminology rather than for the location of specific tasks and processes.

For me, this could give that last nudge to another product, stick with v6 but instead of going to v7, try a different flavour?

ReplyQuote
Posted : 13/01/2012 7:23 pm
pragmatopian
(@pragmatopian)
Active Member

its meant to be better than the previous product, therefore, it would be a no brainer to use it, especially when you have paid for it. In the same way that it would be a no brainer to drive the latest BMW rather the last model.

I assume upgraded products are almost invariably meant to be better than their predecessors, but that doesn't necessarily mean that they are better from the users' perspectives.

In the software world I suppose that XP vs Vista is probably one of the best known illustrations of this. Look at how many organisations passed over Vista and migrated directly from XP to 7.

The problem generally arises when software upgrades are somehow radical, and particularly if they are obviously radical to end users. If your choice was between an older conventional car and a radical and poorly thought-out redesign

I'm not so sure that the choice would be such a no-brainer.

ReplyQuote
Posted : 13/01/2012 9:35 pm
finbarr
(@finbarr)
Junior Member

We haven't upgraded to v7 either - it's simply not fit for purpose. We continue to use v6 and X-Ways. These remain known, stable and highly relevant tools.

The problem becomes more sensitive as the targets our forensic tools operate on changes. Improvments like those posted by Microsoft for Windows 8 will see NTFS replaced by ReFS - for which I assume only EnCase 7 will have support. It's events like this may well be the catalyst that push us all to upgrade.

Let's just hope that EnCase 7 is up to job by then.

Kind regards,

John Douglas
LangfordParc

ReplyQuote
Posted : 31/01/2012 2:13 am
johnny
(@johnny)
New Member

We've found it so bad we've asked for our money back.

Version 6 is an excellent product as a forensic investigation tool, but as far as version 7 goes our view was it wasn't fit for purpose as so many of the useful/essential features had been removed.

We are six months into an obligatory annual maintenance fee and aren't using it and are unlikely to for some considerable time. Like many others we felt that we are beta testing for Guidance but paying for the privilege.

ReplyQuote
Posted : 31/01/2012 12:14 pm
fuzed
(@fuzed)
Member

have it, used it went back to 6…

ReplyQuote
Posted : 31/01/2012 2:05 pm
ckimmel
(@ckimmel)
New Member

Yes.. We've had it for 4 months but have yet to use it… FTK 3 has been taking much of the case load over….

I'll end up implementing the software into our tool set more once I establish a new case management system using DFLabs

starting over from scratch basically… FTK 3, Encase 7, X-Ways, Solo IV devices, new write blockers… I love spending budget money )

ReplyQuote
Posted : 31/01/2012 8:17 pm
Page 2 / 3
Share: