Automated Network Packet Investigator for in-depth troubleshooting

Flowmon introduces the NEW Automated pcap investigation “Packet Investigator” module!

Flowmon Packet Investigator (FPI) is an automated network traffic auditing tool that records and interprets full packet data.

Where flowdata is not sufficient, and more detail is needed, the Packet Investigator captures all the packets of traffic surrounding the event for in-depth troubleshooting.

What sets the Investigator apart, is built-in expert knowledge. It not only provides extensive details but automates the analysis, assessing the captured events, looking for error codes, and providing explanations and suggestions for a remedy.

How It Works

1. Capture full packet traces on-demand via automated, manual, and scheduled triggers. Or upload PCAPs from your preferred tool.
2. Run Intelligent Decision-Tree analysis and let FPI investigate the traffic.
3. FPI’s engine looks for RFC deviations and unexpected behavior and translates detected errors into explanations.
4. Results are shown on the “traffic lights” dashboard, showing the number of issues and their severity with the drill-down option.

Investigator dramatically cuts MTTR and it is saving hours or even days of manual work in cases such as:

• Network connectivity-related issues (communication blocked by the firewall, destination unreachable, TCP errors, etc.)
• Malfunction or misconfiguration of critical network services (ARP, DNS, DHCP)
• Client/server encryption incompatibility (SSL/TLS version, encryption algorithms, certificates, etc.)
• Application protocol stack issues (HTTP, SAMBA, FTP, IMAP, POP, etc.)

Packet analysis is irreplaceable in situations when network telemetry data does not provide a sufficient level of detail and it is, therefore, necessary to look inside the content of the communication. Where tools like Wireshark only capture network traffic but require expert knowledge to interpret the events, the Packet Investigator takes things a step further and analyzes the packets automatically.

Its PCAP analysis engine understands network protocols, their dependencies, RFC specifications, and errors. Thanks to that, the network administrator is provided with a clear understanding and suggestions for a remedy.

• Share: