Flowmon
Flowmon Packet Investigator
Flowmon Packet Investigator (FPI) is an automated network traffic auditing tool that records and interprets full packet data. Combining automatic PCAP investigation and built-in expert knowledge, it provides administrators with not only an understanding of emergent issues but also with suggestions for a remedy, saving hours or even days of manual work.
What Flowmon Packet Investigator can do for you:
  •  On-demand network traffic recording (L2-L7) for in-depth troubleshooting.
  •  Automate packet analysis of captured events with built-in expert knowledge.
  •  Streamline troubleshooting with automatic explanations and suggestions for a remedy.

Key Features and Benefits

Automated analytics
Autonomous investigation of DHCP, DNS, FTP, IMAP, IMF, POP, SIP, SLAAC, SMB, SMTP, IP, TCP, SSL, HTTP for resolving operational problems, compatibility issues, etc.
Built-in expertise
The Investigator uses an analytical engine to locate the root cause, explains it in a clear message, and suggests remedial actions.
Hard evidence anytime you need
Capture relevant packets at 1G, 10G, 40G, and 100G speeds. Use inbuilt capture capabilities or upload PCAPs from external sources.
Rolling buffer
A set of packets per flow remains buffered for a defined period and is recorded on-demand.
Automated triggers
A detected event can automatically trigger full packet recording, making raw traffic data available for thorough analysis.
Consolidation of tools
Availability, capacity, troubleshooting, compliance, and forensics - with Flowmon, all under one hood, across the entire hybrid environment.

Automated PCAP Investigation

Packet analysis is irreplaceable when network telemetry data does not provide a sufficient level of detail and it is therefore necessary to look inside the content of the communication. Where tools like Wireshark only capture network traffic and require expert knowledge to interpret the events, the Packet Investigator takes things a step further and analyzes the packets automatically.

Its PCAP analysis engine understands network protocols, their dependencies, RFC specifications, and errors. Thanks to that, the administrator is provided with a clear understanding and suggestions for a remedy.

Try Online Demo Now (login: demo/demo)
Investigator dramatically cuts MTTR in cases such as:
  • Network connectivity-related issues (communication blocked by the firewall, destination unreachable, TCP errors, etc.)
  • Malfunction or misconfiguration of critical network services (ARP, DNS, DHCP)
  • Client/server encryption incompatibility (SSL/TLS version, encryption algorithms, certificates, etc.)
  • Application protocol stack issues (HTTP, SAMBA, FTP, IMAP, POP, etc.)

Packet Investigator vs. Wireshark

| | Packet Investigator | Wireshark |
|---|---|---|
| Required skill set | Operator, Junior admin, L1 engineer | Analyst, Senior admin, L2/L3 engineer |
| Primary use case | Automated root cause analysis | Manual troubleshooting, forensic analysis |
| Packet capture | Monitoring appliances, 1G/10G/40G/100G | Diagnostic laptops, hosts, usually 1G |
| Capture control | Central control and scheduling | Manual on individual locations |
| Automation | Triggered capture & REST API | None or homegrown scripts |

How It Works

  1. Capture full packet traces on-demand via automated, manual, and scheduled triggers. Or upload PCAPs from your preferred tool.
  2. Run Intelligent Decision-Tree analysis and let FPI investigate the traffic.
  3. FPI’s engine looks for RFC deviations and unexpected behavior and translates detected errors into explanations.
  4. Results are shown on the “traffic lights” dashboard, which displays the number of issues and their severity, with a drill-down option.
