Network Packet Analyzer
A packet analyzer turns granular, real-time data into key network insights
Identify slowdowns to prevent end-user impact
Analyze packet metrics for over 1,200 applications
Categorize traffic types across your network
Ensure optimal end-user experience
Set custom, automated packet scanner alerts
Network packet analyzing is crucial for understanding current network status, which is why NPM is built to stay on top of changes by automatically polling for updates every five minutes. However, there’s no need to check NPM that often. You can use the automated network alert feature to catch issues immediately, so you can take action well before end users report slowdowns or security risks spread. The QoE dashboard can also immediately ping admins if application performance drops.
And don’t worry about alert overload—with NPM, it’s easy to customize your alerts to send notifications only on the metrics you’re concerned about. The platform also calculates dynamic baseline threshold data to help you avoid extraneous alerts. Just set up email alerts or Orion® SMS notifications on your mobile device, then use the platform’s configuration options to define the amount of information included in the alerts.
Spot potential security threats
Network packet analysis is intertwined with ensuring connectivity, but it’s also key for spotting potential security threats. Use NPM to catch abnormal traffic or spikes in data usage that could signal a security issue. The network packet analyzer in NPM is designed to provide insights into exactly how much traffic is crossing your network, both currently and historically. You can also use NPM to get at-a-glance insights into data volume and transaction volume according to application, and filter or create reports on the data as needed.
Leverage a built-in network packet analyzer
NPM uses a built-in packet analyzer to capture data from sensors installed on managed Windows devices across a network. Since the tool only collects relevant metadata, it uses minimal bandwidth on Orion servers and nodes. NPM then turns this metadata into readable metrics, automatically updating this information to provide an accurate, evolving picture of on-premises, hybrid, and cloud services. Additionally, admins can use NPM to monitor logical components within a software-defined network (SDN) environment.
Gain access to an intuitive, centralized dashboard
Admins can also use the visual charts and graphs in SolarWinds NPM to quickly access an overview of current QoE status or to filter packet analysis findings to report on results. Use the default categorizations or customize charts and graphs to classify, display, and prioritize the metrics most relevant to your network management traffic.
Get More on Packet Analyzer
What is the purpose of packet capture analysis?
Admins use packet capture analysis, also known as deep packet inspection or network sniffing, to assemble an accurate overview of network health based on packet-level insights. This granular level of detail offers a realistic picture of the network’s current state. Capturing and analyzing packets yields statistics about network health, traffic flows, and bandwidth usage. Viewing updates on network traffic types and volume reveals how the network is currently being used and allows for capacity planning. Packet analyzers are also valuable for diagnosing network issues, checking configurations, and resolving slowdowns, as this level of analysis can reveal exactly when and where performance issues occur. Additionally, admins can use packet capture analysis to note spikes in traffic or unusual activity that could signal a security issue. When performed by an admin, this process can reveal information to facilitate precise troubleshooting. However, packet sniffing is also sometimes performed by hackers, who capture packets to steal or “eavesdrop” on sensitive information in transit, including usernames and passwords, email contents, and other private data.
How does a packet analyzer work?
A packet analyzer intercepts network traffic and captures the in-transit data packets. Essentially, it can see all the information passing over the network by looking at each packet. A packet is simply a message split into its smallest possible parts to travel across a network. It’s broken down when sent and reassembled at the receiver node. In general, a data packet is sent over a network with a header specifying its destination. Normally, only the intended recipient will read the packet. However, a packet analyzer doesn’t focus only on packets addressed to it — it looks at all the traffic to which it is given access. A packet scanner can capture all packets if set to perform unfiltered analysis, or it can filter to only capture only packets containing specific elements. Packet analyzer software uses two common types of access methods to capture packets. The first is the test access point (TAP) method. A TAP is a hardware tool enabling network monitoring by transmitting “send” and “receive” packets on separate channels to the same device, ensuring simultaneous delivery. This method requires a physical device and connection, which can be costly. The second method is port mirroring, or switch port for analysis (SPAN). This method sends a copy of all network packets on one port to another port, where they’re subsequently analyzed. This method doesn’t affect the destination host’s connection. SPAN ports are part of Layer 2 and 3 network switches and require admin configuration during setup. In some cases, packet capture analysis includes the full payload of the packet, tracking data like usernames, sites visited, applications used, and detailed contents of activities. However, effective packet analysis can also just capture the header and transaction information, collecting metadata for performance troubleshooting. For instance, by tracking and logging response time for packets sent between clients and servers, an analyzer can provide metadata about network and application traffic. Many packet analyzer tools then translate this information into a user-friendly form so admins can easily view and compare key network metrics like resource utilization and bandwidth usage.
Why is network packet analysis important?
Network packet analysis is critical for network administrators, as it creates a central data source for effective network monitoring. By analyzing networks at the packet level, administrators gain a more specific and accurate understanding of network issues. Packet analysis is key because it provides a detailed overview of traffic across a network. It allows admins to both focus on a slowdown in packet response times between two managed nodes and better understand network performance.
Packet analysis can deliver a range of information depending on what administrators need to achieve effective network management. Typically, collecting metadata uses fewer resources while providing key stats on traffic volume, type, latency, and more. This process generates patterns, helping admins diagnose issues, avoid slowdowns, and prevent further end-user impact.
Packet analysis is also one of the most effective ways to quickly catch security threats and prevent unauthorized activity. A packet analyzer can flag unusual actions or alert admins to major shifts in traffic type and volume that could signal a breach.
How does packet analysis in NPM work?
The packet analysis tool in Network Performance Monitor is designed to capture packets across your network using the SPAN port method and sensors installed on relevant servers. NPM has a light load, as it only captures packets’ metadata. NPM’s packet analysis feature can integrate with over 1,200 applications and calculate key stats, including response time, data volume, and traffic type.
You can use the step-by-step wizard to deploy server and network packet analysis sensors on any of the devices managed through the platform. The Quality of Experience dashboard within NPM provides at-a-glance summaries of performance metrics. Admins can use the dashboard’s default categorization or configure custom settings for the platform to automatically classify traffic and generate updated charts and dashboards. Admins can then filter the dashboard view, configure custom alerts, or drill down with a single click to view additional device information.
What other network tool features does NPM have?
SolarWinds packet analyzer software Network Performance Monitor offers a range of critical network management features building on and going beyond packet analysis. For instance, admins can create advanced alerts based on network topology and dependencies to help ensure they don’t miss critical state changes. NPM’s NetPath™ network path analysis feature offers admins hop-by-hop path visualization beyond their internal business network. You can use the Wi-Fi heatmapping feature to create and update wireless connectivity maps reflecting real conditions. Troubleshooting is a snap with the PerfStack dashboard, where admins can drag and drop metrics for instant visual correlation. Additionally, NPM’s dynamic baseline threshold means you may be able to set more accurate alerts. If you’re looking for compatibility, NPM can help you cover your bases. The tool can manage domains with equipment from multiple vendors and can be used for on-premises, hybrid, and cloud environments. It’s also possible to monitor logical components of an SDN environment.
- What is the purpose of packet capture analysis?
- How does a packet analyzer work?
- Why is network packet analysis important?
- How does packet analysis in NPM work?
- What other network tool features does NPM have?
What is the purpose of packet capture analysis?
Admins use packet capture analysis, also known as deep packet inspection or network sniffing, to assemble an accurate overview of network health based on packet-level insights. This granular level of detail offers a realistic picture of the network’s current state. Capturing and analyzing packets yields statistics about network health, traffic flows, and bandwidth usage. Viewing updates on network traffic types and volume reveals how the network is currently being used and allows for capacity planning. Packet analyzers are also valuable for diagnosing network issues, checking configurations, and resolving slowdowns, as this level of analysis can reveal exactly when and where performance issues occur. Additionally, admins can use packet capture analysis to note spikes in traffic or unusual activity that could signal a security issue. When performed by an admin, this process can reveal information to facilitate precise troubleshooting. However, packet sniffing is also sometimes performed by hackers, who capture packets to steal or “eavesdrop” on sensitive information in transit, including usernames and passwords, email contents, and other private data.
"With SolarWinds we have seen improvements in availability and reductions in time-to-resolution. We are able to rectify problems much faster, before users start complaining."
Michael Low
Systems Engineer
Marina Bay Sands
Resolve network and application issues with a packet analyzer
Network Performance Monitor
- Translate network packet information into useful charts and graphs.
- Captures and filter network traffic information according to your specifications.
- User-friendly interface and alerts make it a snap to track packet data.
Starts at
NPM, an Orion module, is built on the SolarWinds Platform