Troubleshooting Packet Loss with Packet Capture

When network packets do not reach their destination, connections are lost and users complain. Although networks are far more reliable at delivering packets then they used to be, the ever-increasing size and complexity of networks means this problem does still occur. And when it does, it is harder than ever to find them.

Global network connectivity, with connections that may traverse dozens of hops, makes localized problems very difficult to isolate. So, good visibility throughout the network is essential. However, most network visibility tools do not make it easy to compare the packets on one part of the network with the packets on another.

An EndaceFabric™ of connected EndaceProbe™ Analytics Platforms provides a global search and visualization capability that allows you to make direct comparisons of network packets across as many network segments as you need. In a matter of seconds, all the data for all of the hops a connection has traversed can be graphically represented and compared. So you can isolate the problem with ease.

EndaceVision


EndaceVision™ is a browser-based Visual Traffic Analysis and Forensics application included on every EndaceProbe™ Analytics Platform and in InvestigationManager™ the rapid-search and data-mining tool that lets you find "needle-in-the-haystack" packets-of-interest across months of distributed Network History in seconds, no matter where or when the incident occurred.

EndaceVision lets you filter recorded traffic based on a wide range of parameters including link name, application classification, IP address, MAC address, port number, time stamp and many more options.

EndaceProbes also provide built-in Deep Packet Inspection (DPI) which classifies captured traffic by application. This makes it easy to analyze traffic by application to see precisely what's happening on your network.

Troubleshooting Packet Loss With EndaceVision

Using EndaceVision, you can isolate packets-of-interest from one or more EndaceProbes for the period that you are interested in. By applying filters you can drill into particular hosts or specific protocols to identify the specific packets you want to examine.

Packets can be decoded directly using the onboard Wireshark without requiring a download. Alternatively they can be downloaded as standard pcaps, or enhanced ERF format files with added Provenance™ data.

Want to know more?

Integrating always-on packet capture into your security and performance monitoring tools gives you definitive evidence at your fingertips. 

Find out just how fast and accurate your investigations can be.

Get in touch