On this page, the term "network analysis" refers to a computer networking technique in which networking professionals combine their networking knowledge with a network analysis tool (network analysis software) to analyze what happened on the network from captured network packets, for example to troubleshoot network issues or locate network breaches.
"Why is the network slow?" "Why can’t I access my e-mail?" "Why can’t I get to the shared drive?" "Why is my computer acting strange?"
If you are a system administrator, network engineer, or security engineer, you have probably heard these questions countless times. Thus begins the tedious and sometimes painful journey of troubleshooting. You start by trying to replicate the problem from your computer and analyze what is wrong. Sure enough, you can’t get to anything on the local network or the Internet either. Now what? Go to each of the servers and make sure they are up and functioning? Check that your router and switch are functioning? Check each computer for a malfunctioning network interface card?
No, you are able to contain the problem relatively quickly thanks to your knowledge and use of a network analyzer and network analysis.
Network analysis is the process of capturing network traffic and inspecting it closely to determine what happened on the network. A network analyzer decodes, or dissects, the data packets of common protocols and displays the network traffic in human-readable format. Network analysis is also known by several other names: traffic analysis, protocol analysis, packet sniffing, packet analysis, and eavesdropping, to name a few.
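What "decodes, or dissects" means in practice, shown as an added example that is not part of the original page or of any Colasoft product: a small Python dissector that turns one raw Ethernet frame into readable fields and checks the IPv4 header checksum. The frame bytes are constructed for illustration, and the names `dissect`, `mac`, and `ipv4_checksum_ok` are chosen here.

```python
import socket
import struct

# Constructed sample (not a real capture): one Ethernet II frame carrying an
# IPv4/TCP SYN from 192.0.2.10:49152 to 198.51.100.5:443.
SAMPLE_FRAME = bytes.fromhex(
    "001122334455" "66778899aabb" "0800"                    # Ethernet II
    "45000028" "00014000" "40064e8c" "c000020a" "c6336405"  # IPv4 header
    "c00001bb" "00000001" "00000000" "5002faf0" "00000000"  # TCP header
)
TCP_FLAGS = ["FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR"]  # bits 0-7

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def ipv4_checksum_ok(header):
    """The one's-complement sum of a valid header folds to 0xFFFF."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total == 0xFFFF

def dissect(frame):
    """Decode Ethernet II -> IPv4 -> TCP into a dict of readable fields."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    out = {"eth.dst": mac(dst), "eth.src": mac(src), "eth.type": hex(ethertype)}
    if ethertype != 0x0800:
        return out                          # not IPv4: stop at layer 2
    ihl = (frame[14] & 0x0F) * 4 if len(frame) > 14 else 0  # IPv4 header bytes
    if ihl < 20 or len(frame) < 14 + ihl:
        raise ValueError("truncated or malformed IPv4 header")
    ip = frame[14:14 + ihl]
    out.update({"ip.src": socket.inet_ntoa(ip[12:16]),
                "ip.dst": socket.inet_ntoa(ip[16:20]), "ip.ttl": ip[8],
                "ip.proto": ip[9], "ip.checksum_ok": ipv4_checksum_ok(ip)})
    tcp = frame[14 + ihl:]
    if ip[9] != 6 or len(tcp) < 20:
        return out                          # only TCP is decoded here
    sport, dport, seq, ack, off_flags, window = struct.unpack("!HHIIHH", tcp[:16])
    out.update({"tcp.sport": sport, "tcp.dport": dport, "tcp.seq": seq,
                "tcp.ack": ack, "tcp.window": window,
                "tcp.flags": [n for i, n in enumerate(TCP_FLAGS) if off_flags >> i & 1]})
    return out

if __name__ == "__main__":
    for field, value in dissect(SAMPLE_FRAME).items():
        print(f"{field:16} {value}")
```

The TCP checksum in the constructed frame is left at zero and is not verified; only the IPv4 header checksum is checked.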
Sniffing tends to be one of the most popular terms in use today. However, due to malicious users it has had a negative connotation in the past.
A network analyzer can be a standalone hardware device with specialized software, or it can simply be software that you install on your desktop or laptop. Network analyzers are available both free and commercially; for example, Capsa Free is a free network analysis tool presented by Colasoft.
Differences between network analyzers tend to depend on features such as the number of supported protocol decodes, the user interface, and graphing and statistical capabilities. Other differences include inference capabilities, such as expert analysis features, and the quality of packet decodes. Although several network analyzers may decode the same protocols, some may decode them better than others.
System administrators, network engineers, security engineers, system operators, even programmers, all use network analysis. Network analyzers are invaluable tools for diagnosing and troubleshooting network problems. Network analyzers used to be dedicated hardware devices that were very expensive. New advances in technology have allowed for the development of software network analyzers. This makes it more convenient and affordable for administrators to effectively troubleshoot a network. It also brings the capability of network analysis to anyone who wishes to perform it.
The art of network analysis is a double-edged sword. While network, system, and security professionals use it for troubleshooting and monitoring the network, intruders can also use network analysis for harmful purposes. A network analyzer is a tool, and like all tools it can be used with both good and bad intentions.
The following list describes a few reasons why administrators use network analyzers:
If you are interested, please visit Capsa How-to's to learn more tips and skills on how to use a network analyzer to perform network analysis tasks.