
- Detect unusual levels of network traffic.
- Identify devices or parts of the network that are causing traffic flow bottlenecks.
- Provide detailed packet capture data that specifies who specific devices are communicating with (source and destination) and which protocol or port is being used.

Alternatively, an analyzer might be deployed as a standalone appliance or as part of a firewall, intrusion detection system/intrusion prevention system (IDS/IPS) or network detection and response tools to monitor all traffic at the internet edge to help identify malicious activity. For example, a laptop running Wireshark, a free open source network protocol analyzer, can be used in an ad hoc way to analyze packets to find out why a particular web server is running slowly.

Placement of a packet analyzer largely depends on analysis goals and the location of the devices administrators wish to monitor and analyze. Network analyzers can be installed and run directly on a device to provide packet capture data, or the analyzer can be inserted within the network, typically at a network uplink, to simultaneously monitor packet capture data for multiple devices.


Network analyzers accomplish this by collecting packet data traversing a network.

What is a network analyzer (protocol analyzer or packet analyzer)?

A network analyzer - also called a network protocol analyzer or packet analyzer - is a software application, dedicated appliance or feature set within a network component used in network performance troubleshooting or to enhance protection against malicious activity within a corporate network.
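The sketch below is an added example, not code from the original page or from any analyzer product. It shows how packet capture data yields source, destination, protocol and port per flow, and how an unusually heavy flow can be flagged. The capture is constructed in memory, the addresses are made up, and the "10 times the median" threshold is an assumption chosen for illustration.

```python
import socket
import struct
from collections import Counter
from statistics import median

PROTO = {6: "TCP", 17: "UDP"}

def build_pcap(packets):
    """Constructed sample input: classic little-endian pcap, Ethernet link type."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for src, dst, proto, sport, dport, size in packets:
        l4 = struct.pack("!HH", sport, dport) + bytes(size)  # ports + padding only
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto,
                         0, socket.inet_aton(src), socket.inet_aton(dst))
        frame = bytes(12) + b"\x08\x00" + ip + l4
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out

def flows(pcap):
    """Map (src, dst, protocol, dst port) -> bytes seen, for IPv4 TCP/UDP frames."""
    if struct.unpack("<I", pcap[:4])[0] != 0xA1B2C3D4:
        raise ValueError("not a little-endian classic pcap")
    table, off = Counter(), 24  # skip the 24-byte global header
    while off + 16 <= len(pcap):
        incl_len = struct.unpack("<I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # truncated or not IPv4
        l4 = frame[14 + (frame[14] & 0x0F) * 4:]  # honour the IP header length
        if frame[23] not in PROTO or len(l4) < 4:
            continue
        key = (socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34]),
               PROTO[frame[23]], struct.unpack("!H", l4[2:4])[0])
        table[key] += len(frame)
    return table

def heavy_flows(table, factor=10):
    """Flows carrying more than factor x the median flow volume."""
    limit = factor * median(table.values())
    return [(k, v) for k, v in table.most_common() if v > limit]

# Constructed traffic: three small flows and one bulk transfer (addresses are made up).
BULK = ("10.0.0.9", "192.0.2.10", 6, 51000, 8080, 1400)
SAMPLE = [("10.0.0.5", "10.0.0.20", 6, 50000, 443, 100),
          ("10.0.0.6", "10.0.0.20", 6, 50001, 443, 120),
          ("10.0.0.7", "10.0.0.53", 17, 40000, 53, 40)] + [BULK] * 5

if __name__ == "__main__":
    for flow, size in heavy_flows(flows(build_pcap(SAMPLE))):
        print(flow, size)
```

A fixed multiple of the median is only a starting point; in practice the baseline is taken per host or per time window so that routine backups are not flagged.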
