What is a Network Analyzer?

What is a network analyzer (protocol analyzer or packet analyzer)?

A network analyzer — also called a network protocol analyzer or packet analyzer — is a software application, dedicated appliance or feature set within a network component that is used to troubleshoot network performance or to enhance protection against malicious activity within a corporate network. Network analyzers accomplish this by collecting packet data as it traverses a network.

Network analyzers can be installed and run directly on a device to provide packet capture data, or the analyzer can be inserted within the network — typically a network uplink — to simultaneously monitor packet capture data for multiple devices.

Placement of a packet analyzer largely depends on analysis goals and the location of devices administrators wish to monitor and analyze. For example, a laptop running Wireshark, a free, open source network protocol analyzer, can be used in an ad hoc way to analyze packets to find out why a particular web server is running slowly. Alternatively, an analyzer might be deployed as a standalone appliance or as part of a firewall, intrusion detection system/intrusion prevention system (IDS/IPS) or network detection and response tools to monitor all traffic at the internet edge to help identify malicious activity.

Network analyzers can:

  • Provide detailed packet capture data that specifies which endpoints specific devices are communicating with — source and destination — and which protocol or port is being used.
  • Identify devices or parts of the network that are causing traffic flow bottlenecks.
  • Detect unusual levels of network traffic.
  • Detect unusual packet characteristics.
  • Monitor traffic to identify suspicious data communications or malware.
  • Configure alarm triggers and alerts for defined threats.
  • Search for specific data strings in unencrypted packet payloads.
  • Monitor bandwidth utilization as a function of time.
  • Create application-specific plugins.
  • Display all statistics on a user-friendly control panel.
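
As an added illustration (not code from any analyzer product or from the original article), the Python sketch below shows the first and seventh capabilities in the list at the byte level: decoding source, destination, protocol and ports from a captured frame, and searching an unencrypted payload for a string. The frame is constructed inline with documentation addresses; the names `build_sample_frame`, `decode_frame` and `payload_contains` are hypothetical.

```python
import socket
import struct

def build_sample_frame(payload: bytes) -> bytes:
    """Constructed Ethernet/IPv4/TCP frame (documentation addresses, checksums left at 0)."""
    eth = bytes.fromhex("020000000002" "020000000001") + struct.pack("!H", 0x0800)
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(payload), 0, 0, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.20"))
    return eth + ip + tcp + payload

def decode_frame(frame: bytes):
    """Summarise an IPv4 TCP/UDP frame; return None if truncated or another protocol."""
    if len(frame) < 34 or struct.unpack("!H", frame[12:14])[0] != 0x0800:
        return None                                  # too short, or EtherType is not IPv4
    ihl = (frame[14] & 0x0F) * 4                     # IPv4 header length in bytes
    if frame[14] >> 4 != 4 or ihl < 20:
        return None
    l4 = 14 + ihl                                    # offset of the transport header
    end = min(len(frame), 14 + struct.unpack("!H", frame[16:18])[0])  # drop link padding
    proto = {6: "TCP", 17: "UDP"}.get(frame[23])
    min_hdr = 20 if proto == "TCP" else 8            # fixed part of the transport header
    if proto is None or end < l4 + min_hdr:
        return None
    hdr = (frame[l4 + 12] >> 4) * 4 if proto == "TCP" else 8   # TCP data offset or UDP header
    if hdr < min_hdr or l4 + hdr > end:
        return None
    sport, dport = struct.unpack("!HH", frame[l4:l4 + 4])
    return {"src": socket.inet_ntoa(frame[26:30]), "dst": socket.inet_ntoa(frame[30:34]),
            "proto": proto, "sport": sport, "dport": dport, "payload": frame[l4 + hdr:end]}

def payload_contains(frame: bytes, needle: bytes) -> bool:
    """String search over the transport payload; only meaningful for unencrypted traffic."""
    info = decode_frame(frame)
    return info is not None and needle in info["payload"]

# Constructed sample: a plaintext HTTP request from a client to a web server.
SAMPLE = build_sample_frame(b"GET /login?user=alice HTTP/1.1\r\nHost: example.test\r\n\r\n")

if __name__ == "__main__":
    info = decode_frame(SAMPLE)
    print(f'{info["src"]}:{info["sport"]} -> {info["dst"]}:{info["dport"]} {info["proto"]}')
    print("contains 'user=alice':", payload_contains(SAMPLE, b"user=alice"))
```

The decoder returns `None` for truncated or non-IPv4 frames instead of raising, which is the behaviour needed when processing live traffic that includes malformed packets.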

Network analyzers are not intended to replace network monitoring tools, firewalls, antivirus programs, or spyware detection programs. However, the use of a network analyzer in addition to network health, performance and security tools can provide deeper insights when troubleshooting a performance issue or investigating a security incident.