Search
Online DemoRequest Free TrialContact Sales
Flowmon
Kemp Flowmon Packet Investigator
Kemp Flowmon Packet Investigator (FPI) is an automated network traffic auditing tool that records and interprets full packet data. Combining automatic PCAP investigation and built-in expert knowledge, it provides administrators with not only an understanding of emergent issues but also with suggestions for a remedy, saving hours or even days of manual work.
Try 30-Day Free Trial
Kemp Flowmon Packet Investigator
Try automated analysis with your data
Try FPI for free
What Kemp Flowmon Packet Investigator can do for you:
  •  On-demand L2-L7 network traffic recording (packet sniffing) for in-depth troubleshooting.   
  •  Automate packet analysis of captured events with built-in expert knowledge.
  •  Streamline troubleshooting with automatic explanations and suggestions for a remedy.
  • Features for packet sniffing (also known as ip sniffer, packet sniffer or network sniffer) 

"Flowmon Packet Investigator helps us to automate troubleshooting, which means we can spend less time in Wireshark PCAPs. Instead of going through packets manually, we know immediately what kind of issue we are dealing with and what the root cause is. And because we don't need deep knowledge of network protocols to use it, packet analysis is made available to every member of our IT team."

Jan Kovařík, IT Center Coordinator
Automated analytics
Autonomous investigation of DHCP, DNS, FTP, IMAP, IMF, POP, SIP, SLAAC, SMB, SMTP, IP, TCP, SSL, HTTP for resolving operational problems, compatibility issues, etc.
Built-in expertise
The Investigator uses an analytical engine to locate the root-cause, explains it in a clear message, and suggests remedial actions.
Hard evidence anytime you need
Capture relevant packets at 1G, 10G, 40G, and 100G speeds. Use inbuilt capture capabilities or upload PCAPs from external sources.

Key Features and Benefits

Automated analytics
Autonomous investigation of DHCP, DNS, FTP, IMAP, IMF, POP, SIP, SLAAC, SMB, SMTP, IP, TCP, SSL, HTTP for resolving operational problems, compatibility issues, etc.
Built-in expertise
The Investigator uses an analytical engine to locate the root-cause, explains it in a clear message, and suggests remedial actions.
Hard evidence anytime you need
Capture relevant packets at 1G, 10G, 40G, and 100G speeds. Use inbuilt capture capabilities or upload PCAPs from external sources.
Rolling buffer
A set of packets per flow remains buffered for a defined period and is recorded on-demand.
Automated triggers
A detected event can automatically trigger full packet recording, making raw traffic data available for thorough analysis.
Consolidation of tools
Availability, capacity, troubleshooting, compliance, and forensics - with Flowmon, all under one hood, across the entire hybrid environment.
Automated analytics
Built-in expertise
Hard evidence anytime you need
Rolling buffer
Automated triggers
Consolidation of tools
Rolling buffer
A set of packets per flow remains buffered for a defined period and is recorded on-demand.
Automated triggers
A detected event can automatically trigger full packet recording, making raw traffic data available for thorough analysis.
Consolidation of tools
Availability, capacity, troubleshooting, compliance, and forensics - with Flowmon, all under one hood, across the entire hybrid environment.

Automated PCAP Investigation

Packet analysis is irreplaceable in situations when network telemetry data does not provide a sufficient level of detail and it is, therefore, necessary to look inside the content of the communication. Where packet sniffing tools like Wireshark only capture network traffic but require expert knowledge to interpret the events, the Packet Investigator takes things a step further and analyzes the packets automatically.

Its PCAP analysis engine understands network protocols, their dependencies, RFC specifications, and errors. Thanks to that, the administrator is provided with a clear understanding and suggestions for a remedy.

Try Online Demo Now (login: demo/demo)
Investigator dramatically cuts MTTR in cases such as:
  • Network connectivity-related issues (communication blocked by the firewall, destination unreachable, TCP errors, etc.)
  • Malfunction or misconfiguration of critical network services (ARP, DNS, DHCP)
  • Client/server encryption incompatibility (SSL/TLS version, encryption algorithms, certificates, etc.)
  • Application protocol stack issues (HTTP, SAMBA, FTP, IMAP, POP, etc.)

More than a Clever Wireshark Alternative

FPI is more than just another alternative to Wireshark packet capture and packet analysis features.
  Packet Investigator Wireshark
Required skill set Operator, Junior admin, L1 engineer Analyst, Senior admin, L2/L3 engineer
Primary use case Automated root cause analysis Manual troubleshooting, forensic analysis
Packet capture Monitoring appliances, 1G/10G/40G/100G Diagnostic laptops, hosts, usually 1G
Capture control Central control and scheduling Manual on individual locations
Automation Triggered capture & REST API None or homegrown scripts

How It Works

  1. Capture full packet traces on-demand via automated, manual, and scheduled triggers. Or upload PCAPs from your preferred tool (even Wireshark PCAP files or files from your favourite ip sniffer / packet sniffer).
  2. Run Intelligent Decision-Tree analysis and let FPI investigate the traffic (automated packet analysis).
  3. FPI’s engine looks for RFC deviations and unexpected behavior and translates detected errors into explanations.
  4. Results are shown on the “traffic lights” dashboard, showing the number of issues and their severity with the drill-down option.
Try Online Demo Now (login: demo/demo)

Ready to Explore Packet Investigator in Depth?

Packet Investigator Resources

Packet Investigator Specification pdf, 84 KB
Packet Investigator Product Brief pdf, 1165 KB