Meet Flowmon Packet Investigator

Packet capture and analysis in one - for those occasions when extra detail is needed.

Posted on

We are excited to introduce to you a new addition to our offering - Flowmon Packet Investigator (FPI).

Labor-saving Automation

The FPI is an evolutionary successor to the Traffic Recorder, retaining its full functionality and adding automated packet analysis. What this means is that when flow data is not enough to get to the bottom of an emergent issue, the Investigator captures all the packets surrounding the event, analyzes them and provides an explanation with suggestions for a remedy. Automatically.

This is what makes it unique. Not only does it deliver the minutest detail, but it also does the labor of interpreting it. It is an automated network traffic auditing tool that contains built-in expert knowledge and is particularly useful for resolving problems such as:

  • Network connectivity-related issues (communication blocked by the firewall, destination unreachable, TCP errors, etc.)
  • Malfunction or misconfiguration of critical network services (ARP, DNS, DHCP)
  • Client/server encryption incompatibility (SSL/TLS version, encryption algorithms, certificates, etc.)
  • Application protocol stack issues (HTTP, SAMBA, FTP, IMAP, POP, etc.)

Expert Analysis

The FPI processes PCAP files, which it captures either upon an event being detected and reported by Flowmon ADS, by manually set up or scheduled capture, or via a REST API call from a third-party appliance. Users can also upload their own files.

It then runs a decision-tree analysis to get to the root of the issue by seeking deviations from the RFC specifications of the respective protocols and their combinations and dependencies. Any specific protocol states, failures or error codes are identified and compared against extensive databases to be translated into an intelligible message including a recommendation for a course of action.

The FPI contains the rolling buffer, part of its Traffic Recorder heritage, it ensures that no packets are lost even though the communication may already be in progress.

Instant Insight

The FPI is more than just a packet recorder and analyzer. It is a complement to flow data monitoring that delivers deep network insight without asking you to lift but a finger.

If you want to read more about how Flowmon Packet Investigator works, visit the product datasheet or contact us.

Explore the Flowmon interactive demo

Experience a fully interactive product demo to see what issues Flowmon can tackle for you.

Launch Demo