The first I would like to discuss is the Talon Enhanced by Logicube.
The second I would like to discuss is the TD2 by Tableau.
The third and final is the Forensic Dossier also by Logicube.
The Talon Enhanced and the TD2 are very similar machines. The Forensic Dossier has a few extra capabilities that I will discuss in the Dossier section (coming soon). I will detail a couple speed tests that I have done with the tools. I will also list some strengths, weaknesses, and key difference between the tools.
All three tools report roughly the same transfer speeds. It is my hope to document tests I have personally run using the same Hard Drives in each test. This will show some differences that you can draw conclusions from yourselves.
The Talon Enhanced
Strengths:
- Formats Destination FAT32 or NTFS
- Will create two copies of the source (can copy simultaneously to two destinations)
- Can act as a write-blocker via USB or eSATA for computer access
- Stealth mode to hide what the Talon is currently doing
- Will image to E01 (compressed and non-compressed) or DD (Raw) format.
- Full QWERTY keyboard for inputting case information
- Touch Screen for easy navigation
- (10/May/2012) As of release 1.1.1RC22 the Talon now logs the time of processes!
- Larger than the TD2, however with the first destination located inside, the desk space is about the same.
- Source inputs from the top of the Talon and the Destination/s go inside or to the right.
- Has NTFS Format Option
- Allows examiner to plug the Talon into a computer via USB or eSATA and use as a write-blocker.
- Options to wipe once (1) or DoD wipe which wipes seven (7) times. TD2 offers one (1) wipe or three (3) wipes
- Gives options for compressed E01 and non-compressed E01
Source is a Samsung 64GB SSD 830 Series Model: MZ -- 7PC064 with 44.7 GB of data on it
Destination is a WD 500GB HDD Model: WD5000KS wiped previous to each image.
Speed Test 1:
Destination formatted FAT32, E01 option with compression, Hashed
Time to completion: 00:30:50
Size of Image: 44.7 GB
Speed Test 2:
Destination formatted FAT32, E01 option with no compression, Hashed
Time to completion: 00:31:36 (yes it took longer w/o compression)
Size of Image: 59.6 GB
Speed Test 3:
Destination formatted FAT32, DD, Hashed
Time to completion: 00:30:38
Size of Image: 59.6 GB
Speed Test 4:
Destination formatted NTFS, E01 option with compression, Hashed
Time to completion: 00:29:58
Size of Image: 44.7 GB
There are more options available for imaging but I believe that the above four (4) give a reasonable showing of the Talon's capabilities.
TD2
Strengths:
- Size, The TD2 is smaller than the Talon.
- Will create two copies of the source (can copy simultaneously to two destinations)
- Will image to E01 compressed or DD (Raw) format.
- Logs the time for an image to complete as well as the average speeds.
- All Tableau tools are updated using the same update utility.
- Quick Start. Allows user to setup a common setup and use it as the first and only option
- Does not Format destinations NTFS. Tableau has said that an ExFAT option will be released later this year.
- Only seven buttons that are used with up and down arrows for inputting case information.
- In my tests the TD2 image time logs were off by about 30 seconds. It recorded a time 30 seconds faster than the actual time on a 64GB source.
- Source drive is placed on the left and destination is placed on the right
- Options to wipe once (1) or three (3) times. Talon Enhanced and Dossier offer one (1) wipe or DoD wipe which is seven (7) passes.
Speed Tests:
Source is a Samsung 64GB SSD 830 Series Model: MZ -- 7PC064 with 44.7 GB of data on it
Destination is a WD 500GB HDD Model: WD5000KS wiped previous to each image.
Speed Test 1:
Destination formatted FAT32, E01 option with compression, Hashed
Time to completion: 00:31:07
Size of Image: 44.5 GB
Speed Test 2:
Destination formatted FAT32, DD, Hashed
Time to completion: 00:32:35 (yes this is slower than an E01 w/compression)
Size of Image: 59.6 GB
Forensic Dossier:
Coming Soon...
www.h11dfs.com
~Hew
