Automated PCAP capture & analyzer
Flowmon Packet Investigator (FPI) is a network traffic auditing tool that automatically records and analyzes full packet data. Combining automated PCAP analysis and built-in expert knowledge, it provides you with an instant deep understanding of emergent issues and offers suggestions for a remedy.
Locate the root cause
Autonomous investigation of DHCP, DNS, FTP, IMAP, IMF, POP, SIP, SLAAC, SMB, SMTP, IP, TCP, SSL, HTTP.Reduce MTTR
Let the analytical engine locate the root-cause, describe it and recommend a solution.Record your traffic
On-demand and on-event L2-L7 network traffic recording (packet sniffing).Instant analysis
The Flowmon Packet Investigator performs an automatic decision-tree analysis of network protocols, their dependencies, RFC specifications and errors from a PCAP file, giving you an immediate number of issues found as well as their severity.
Built-in expertise
The FPI houses decades of combined networking experience provided by our in-house experts. By expanding the analysis results, you can browse through the individual analysis steps and see explanations of the possible root-cause of issues including recommendations for remedial action.Automatic capture
Never drop a packet. You can record packets manually, upload your own PCAP files or the FPI can performed automated policy-based packet capture, e.g. upon security event detection, at speeds of 1Gā100G. The rolling buffer retains a number of packets from before the event occurred, making sure that no history is lost.Functional versatility
The FPI is built to cover a broad spectrum of protocols with the number constantly rising. Identify malfunctions or misconfigurations of critical network devices (ARP, DNS, DHCP, ICMP, NTP), expose client/server encryption incompatibility (SSL/TLS version, encryption algorithms, certificates), application protocol stack issues (HTTP, Samba, FTP, IMAP, POP, etc.) or IoT issues (CoAP, IEC104, GOOSE, MMS, MQTT).Speed up your Wireshark investigation
The FPI is like an extra team member.
Ā | Packet Investigator | Wireshark |
---|---|---|
Required skill set | Operator, Junior admin, L1 engineer | Analyst, Senior admin, L2/L3 engineer |
Primary use case | Automated root cause analysis | Manual troubleshooting, forensic analysis |
Packet capture | Monitoring appliances, 1G/10G/40G/100G | Diagnostic laptops, hosts, usually 1G |
Capture control | Central control and scheduling | Manual on individual locations |
Automation | Triggered capture & REST API | None or homegrown scripts |