Category Archives: OmniPeek Network Analyzer

Why Customers Choose WildPackets

Customers come to us for a multitude of reasons. Some aren’t happy with their current network monitoring solutions; others are experiencing network glitches that they cannot solve; and some simply need a cohesive analysis solution. WildPackets offers a suite of products that bring customers to us from far and wide, many of whom need specific capabilities in their monitoring solution. Let’s take a look at just a few of the reasons WildPackets is the leading network analysis solution.

10G Analysis
WildPackets led the way in 10G analysis, being the first to introduce a network recorder to break the 10G barrier. When our TimeLine network recorder was introduced in 2010 it was the only network recorder to capture and store packet-level data, with no data loss whatsoever, at 11.7Gbps. Since then, WildPackets has continued to refine TimeLine, offering even more real-time statistics, increasing our overall data throughput, and adding support to capture directly from 40G network segments.

Network Forensics
Going hand-in-hand with network recording is network forensics. As you’re streaming packets to the network recorder perhaps you see a troubling trend in the real-time dashboard, or maybe a user enters a trouble ticket. Network forensics allows you to analyze a subset of your recorded data while the overall high-speed capture continues uninterrupted.

Often associated with security, network forensics goes well beyond security and also helps solve far more common issues on your network, like spikes in utilization, drops in VoIP call quality, and increased latency in both network and application performance. If a problem does occur, you no longer have to try to recreate the problem, which is typically the most time consuming task in any troubleshooting session. Instead, with TimeLine, you simply go back in time, find the problem on the dashboard, and solve it.

Remote Analysis
The days of using a laptop to perform portable analysis, especially on high-speed wired networks, are now extinct. Corporate networks are highly distributed, even for small to medium sized businesses. Even if your company operates from a single location, odds are you host some services remotely, and use some level of software-as-a-service (SaaS), making it difficult to always be where problems are occurring. WildPackets’ Omni Distributed Analysis Platform provides a wide range of options for remote network analysis, from “lightweight” software solutions like OmniPeek Remote Assistant and OmniEngine software probe, to high performance network recording appliances like TimeLine. With a WildPackets solution, network engineers can monitor and analyze highly distributed network architectures without ever leaving their desks.

Top-Down Approach to Network Monitoring
For an overall, top-down view of any network segment, customers find WildPackets flagship OmniPeek network analyzer most helpful, whether as a portable analyzer or as a console to any of our remote analysis solutions. OmniPeek provides complete visibility into your network – including Ethernet, Gigabit, 10G, 802.11a/b/g/n/ac, and VoIP and video. OmniPeek provides visual context into the network so that even junior IT staff can drill down into performance problems and solve performance issues across multiple network segments. This ensures maximum network uptime and user satisfaction.

The Full Suite of Network Monitoring and Analysis Products
And for a complete view across your entire network, WildPackets offers WatchPoint network monitor. This solution builds on our suite of distributed analysis products and provides a comprehensive graphical interface of overall network performance, including top talkers, top applications, overall utilization, VoIP performance, and detailed reporting of detected network and application problems (Experts). WatchPoint also provides a direct link for detailed, packet-level analysis to determine the root cause of any issue.

What is your favorite WildPackets product? Feel free to leave us a comment and share your thoughts.

Are Your Users Complaining? Pinpoint the Reason with OmniPeek

Try as you might, making users happy with network performance is a difficult task. Sometimes problems arise with applications and sometimes with the network itself. Either way, it is your job to make the end user experience the best that it can be.

Luckily, if you are using OmniPeek, problems of any type, whether application or network, or common or rare, can be easily remedied. Let’s take a look at some common user experience issues and how OmniPeek can help to identify the root cause and guide you towards a permanent solution.

Network Downtime
Fortunately unplanned network downtime is a pretty rare occurrence nowadays, but if it does occur the response must be instantaneous. With OmniPeek you can immediately assess the scope of the outage, from a few specific users to an entire subnet. If distributed, 24×7 analysis is in place, you can rewind the network to see exactly what was going on when the outage occurred, providing the best clues possible for determining the root cause, which in this case is probably equipment failure somewhere in the network path of the effected users.

Not Enough Bandwidth? Find the Hog
Bandwidth issues typically arise not because of a lack of bandwidth, but because a user or users are consuming an abnormally high amount of bandwidth. This is becoming more common with the wide availability of video streaming sources, particularly those that are not work related. The Compass dashboard in OmniPeek is an easy way to isolate bandwidth hogs, allowing you to identify not only the user but the type of traffic, providing the ammunition you need to ensure that network traffic is strictly business related.

VoIP Quality Issues
VoIP is the most commonly used real-time protocol on corporate networks. Given its real-time nature, it is extremely sensitive to network problems like too much latency, dropped packets, and jitter, much more so than “regular” network traffic. For real-time data to be useful, it must arrive in order, and within a few hundred milliseconds of being sent, otherwise it is no longer “real-time” and doesn’t fit into the overall conversational flow. Problems with real-time data will continue to grow as more corporate video is transmitted over IP networks, and as more wireless networks are used for the last 100m of data delivery (voice over Wi-Fi, or VoFi).

From a network perspective, VoIP, VoFi, or video over IP are just data on the network. In order to identify problems with real-time traffic, you first need to isolate the traffic, while still seeing it in the context of the overall network. To do this, you can use the Voice and Video dashboard in OmniPeek to see how real-time traffic is coexisting with the rest of the network. Then, the Calls and Media views will allow you to see a more detailed analysis of the packet-by-packet performance of the real-time flow, including detailed analytical metrics and a bounce diagram so you can pinpoint exactly where the problem is, and compare it with network activity to correlate real-time transport problems with overall network usage.

If you are experiencing another kind of reoccurring issue on your network, please leave us a comment and we’ll address best practices for remedying this issue.

When and Why You Should Capture 802.11n Traffic with Remote AP Adapters

The classic method of capturing WLAN traffic is to attach a dongle to a laptop and walk the floor. There are some advantages to this method, but the innovations introduced in 802.11n provide a clear argument that the time has come to rely on access point (AP) based capture.

Walking the floor “feels” like the right way to address WLAN issues. It’s a technique commonly used when deciding where to install APs, to detect noise sources, and determine the farthest limits of coverage. There are well-respected tools specifically built to use floorplans to provide a path to walk to test the WLAN signal. Best of all, it provides an active alternative to sitting at your desk.

802.11n changes some of the underlying assumptions around WLAN analysis. Beam forming means that APs are able to create direct paths to reach WLAN clients, replacing omnidirectional antennas with arrays of unidirectional antennas. While we at WildPackets are fans of anything that includes the term “Omni,” we’re also fans of technology that improves performance and bandwidth, which beam forming definitely does. What it means for your WLAN is that an AP will be able to optimize the packet delivery to physically route around sources of noise, so there’s less need to survey the site.

There’s also another issue we’re hearing about with 802.11n laptop-based analysis, which is that the higher speeds – not to mention channel bonding – are starting to overwhelm the ability of a single laptop to capture all WLAN traffic across all channels. There’s simply not enough bandwidth in USB for more than about 3 active WLAN capture dongles. While it’s not a problem for any given client, it’s a problem for an analyst performing true multi-channel analysis.

With a remote AP adapter on the other hand, the traffic is captured by an AP that is put into promiscuous mode and sent in real-time over the (often gigabit) wire to OmniPeek or an OmniEngine for analysis. This helps you capture traffic at rates as high as a wired network. It also allows captures to be done remotely, from as many locations as you have APs installed.

There’s one caveat with AP-based capture: not every AP out there supports remote capture, and not every AP supports capturing at the same time as acting as a base station.

For APs that support remote capture, there’s no better way to get a “true” view of the wireless traffic. Since the AP is the center of the network, it’s the most accurate location to measure signal strength for clients. It’s much faster to see the reception for all attached clients than to walk the floor and measure the signal at every location. That’s especially true when the “floor” in question is at a remote site: packets travel faster than people do, so problems can be detected, diagnosed, and fixed quicker.

For best success with AP-based capture, consider putting an OmniEngine near your AP controller, to reduce the distance your captured traffic has to traverse. The optimized protocol between OmniPeek and OmniEngines means that you’ll get the advantages of full visibility without creating a lot of additional traffic.

If you’re still not convinced, or you just like the excuse to get up and walk around, WildPackets is still there to support you. Take a look at our new OmniWiFi WLAN adapter for reliable capture at a reasonable cost.