Network Forensics is the process of capturing, recording and analyzing network packets in order to determine the source of network security attacks. The main goals of network forensics are to collect evidence and analyze network traffic data collected from different devices such as Switches, Routers, firewalls and IDS. In addition, it monitors the network to detect attacks and analyze the nature of attackers through intrusion patterns or attackers’ activity. Network forensics ensures a faster incident response to an attack. It provides the ability to investigate the attacks by tracing the attack back to the source and discovering the nature of the attacker if it is a person, host or a network. In addition, network forensics provides methods to predict future attacks by correlating attack patterns from previous records of intrusion traffic data. This facilitates the presentation of admissible evidence in a court of law.