Recently in Wireless Network Category

Top 10 OmniPeek Plug-ins

By WildPackets on March 9, 2010 3:40 PM | No Comments | No TrackBacks

The OmniPeek Plug-ins are flying off the shelves.  And they should, since they are free to customers with maintenance.   There are over 40+ plug-ins available on MyPeek.   Some are more popular than others.   To help you decide which ones to try first, we have taken a look at the stats, and have come up with the top 10 most downloaded plug-ins.


top_10_omnipeek_plugins-1.png

Google Map Plug-in!

The Google Map Plug-in displays a Google Map in the OmniPeek capture window showing the locations of all the public IP addresses of captured packets. This feature is a great way to monitor your Web site at a high level and to see in real time where in the world those hits are coming from.

 

Read more...



top_10_omnipeek_plugins-2.png

The Instant Messenger Plugin

This plugin displays conversations for the AIM, MSN, and Yahoo protocols in real-time, showing the screen names of the people chatting as well as the actual text.   Individual screen names can be selected, showing only the conversations for that screen name.

 

Read more...



top_10_omnipeek_plugins-3.png

Remote TCPDump Adapter

The Remote TCPDump Adapter for OmniPeek is a revolutionary new way to monitor network traffic remotely. With OmniPeek and the Remote TCPDump Adapter you can dramatically extend the reach of your network monitoring capabilities by turning virtually every Linux and Unix based machine on your network into a network probe, and you can do this without installing any new software on those remote machines.

 

Read more...




top_10_omnipeek_plugins-4.png

 SQLFilter Plug-in

The SQLFilter plug-in brings simple, powerful data mining to WildPackets' flagship network analyzers. The plug-in lets you perform Structured Query Language (SQL) searches across very large, user-defined sets of packet files from within OmniPeek.

 

Read more...


top_10_omnipeek_plugins-5.png

NetFlow Analyzer Plug-ins

The NetFlow Analyzer Plug-ins for the OmniPeek Console and OmniEngine collect NetFlow traffic and display NetFlow statistics in OmniPeek.

 

Read more...









top_10_omnipeek_plugins-6.png

Wireless Channel Aggregator

The WildPackets' Wireless Channel Aggregator captures wireless packets from multiple channels simultaneously (without scanning), measures vital statistics on each channel separately, and calculates the latency of devices roaming between access points.

Read more...


top_10_omnipeek_plugins-7.png

Regular Expression Filter Plug-in

The FilterMe Plug-in allows the user to create and maintain a list of regular expressions that can be used as filters during real-time capture and file windows.

 

Read more...


top_10_omnipeek_plugins-8.png

WatchMe Plug-in

The WatchMe and Browser Plug-ins displays web pages.   The WatchMe Plug-in follows links in real-time that network users are surfing to, while the Browser Plug-in reassembles packets back into web pages.

 

Read more...



top_10_omnipeek_plugins-9.png

FindMe Plug-in

The FindMe Plug-in adds a tab to the capture window that contains a list of text strings that are searched for each packet. As packets are being processed, the plug-in searches for each instance of each text entry in each packet and makes log entries when the text is found.

Read more...



top_10_omnipeek_plugins-10.png

Latency Monitor

The Latency Monitor measures network and application latency.   These are graphed together and can be easily compared to determine which one is the culprit.   Alarms can also be set to inform you if latency thresholds are exceeded.

 

Read more...

Three benefits of VoFi

By WildPackets on November 3, 2009 3:00 AM | No Comments | No TrackBacks
The use of VoFi, or Voice over Wireless, has been rather limited. But now, with the newly ratified 802.11n standard, we're expecting to see a surge of interest in this technology since 802.11n and its increased throughput and range is what makes VoFi feasible. 

Three benefits of VoFi are:
  • Reliable coverage
  • Moving billable, cellular minutes to Wi-Fi
  • Increased mobility

We all continually suffer through the issue of poor cellular coverage indoors, whether at home or in the office. VoFi and VoFi enabled phones provide the capability to transition calls and data activity from cellular to Wi-Fi when in range of an 802.11 network. Since 802.11 is typically deployed to cover indoor spaces, like your home and office, call and data quality will be dramatically improved indoors with VoFi enabled technology.

An added benefit of transitioning a call to your 802.11 network is that it reduces cellular usage, saving minutes on pay-per-minute plans. Granted, this hand-off is still being worked out between carriers and equipment manufacturers, and may not result in a complete minute-for-minute reduction in usage, but more than likely some level of savings will be realized, allowing you to much more quickly capitalize the expense of an 11n upgrade by eliminating some of your billable cellular traffic and carrying it on your 802.11 network.

802.11 has always been about mobility, but up until now it's been manifested more in being able to move from your office to the conference room with your laptop and maintain connectivity. VoFi significantly extends mobility by including voice communications as well. You no longer need to be tethered to a desk phone, or limited by the base-station range of a cordless handset. Wherever there's 802.11 coverage there's voice coverage. This technology was already in use by some industries, large retailers for example, allowing customer service reps to wander the store while helping customers. But 802.11n and VoFi will take this to the mainstream, both in the office and at home.

A key element of VoFi, of course, is the voice component. It's very similar to VoIP in that it's susceptible to jitter and latency, and thus dropped calls, interruptions, and other issues. As a typical wireless network has more latency and interference than a wired network the susceptibilities are that much worse. So with this new technology comes new problems. Are you prepared to manage your new VoFi environment?

On November 18, we're hosting a webinar to explain how best to manage your VoFi environment.

Good news: The Cisco AP Capture Adapter just got better

By WildPackets on July 21, 2009 9:03 AM | No Comments | No TrackBacks
The Cisco AP Capture Adapter is a feature in the OmniPeek Console that can capture and aggregate wireless packets from multiple Cisco Access Points.    This feature is especially useful to companies with large numbers of Access Points (APs) that are spread throughout offices, stores, and warehouses.    It allows any one or more of the APs to be temporarily used as probes to capture traffic, and then switched back to AP mode, all remotely through software.    Being able to multi-purpose the APs in this way increases the ROI of both OmniPeek and the Cisco AP.

So the Cisco AP Capture Adapter, as a solution, is very good.   Of course, as the developer of the Cisco Remote Adapter, I am going to say that, right?    But seriously, we have been pleasantly surprised by the  popularity of this feature, and the growing number of customers who are using it.  

However, it has its drawbacks.    Because it runs on the OmniPeek Console, the captured packets have to be streamed over the network from the APs to OmniPeek, wherever it may be.    This could be on a different segment, in a different building, or in a different country.    The stream is also not encrypted.    Furthermore, if the IP address of the OmniPeek Console machine changes, which is likely, the AP configuration has to be changed to reflect that.

The point here is that the distance the packets must travel could be long, possibly over the internet, it is not secure, and it changes locations.    These are not ideal characteristics of an enterprise solution, which is why the Cisco AP Capture Adapter is used mostly for local troubleshooting.    This is too bad, since the potential is so much greater.

Now for the good news.  (Imagine a drum roll in the background.)  Ladies and gentlemen ... we have just ported the Cisco AP Capture Adapter to the OmniEngine.   (Now imagine roaring applause.)  Yes, this is good news indeed.   

By running the Cisco AP Capture Adapter on the OmniEngine, and placing the OmniEngine on the same segment or subnet as the Cisco AP wireless mesh, all of the packets from any one of the Cisco APs can be streamed and aggregated directly into the OmniEngine.   The OmniPeek Console is then used to connect to the OmniEngine and view the results of the analysis.  

By inserting the OmniEngine into the equation, a new tier is added, providing better performance, less overhead, and security.    The performance is better because the packets only have to be streamed to the OmniEngine, not all the way back to the OmniPeek Console.    This also provides a permanent capture environment, so that your AP configurations do not have to change.   

The overhead to the network is also less, since the packets have to travel  a shorter distance, through fewer routers and switches.   Security is also much better, because the OmniPeek Console interaction with the OmniEngine is through a secure and compressed connection.

But that's not all.   There are many advantages of using a distributed OmniEngine, and now users of the Cisco AP Capture Adapter will be able to take advantage of them.   Yes, this is good news indeed.    The Cisco AP Capture Adapter  for the OmniEngine is in test now, and will be available to maintenance members soon.    I am sure it will be a big hit.

-SpacePacket


5 Key WiFi Themes in 2009

By WildPackets on July 15, 2009 12:08 AM | No Comments | No TrackBacks

Fact: wireless networks save money and increase productivity. Craig Matthias of Farpoint Group has identified five key themes relating to WiFi that have emerged in 2009. These themes are important to consider as organizations plan, deploy, and manage their networks.
 
1. 802.11n is here

Even though the IEEE has yet to ratify the 802.11n specification, the Wi-Fi Alliance has been certifying 11n equipment for 2 years now, and it's been a very successful program for them. The reasons are obvious: 11n equipment is already in widespread use and deployment rates will only increase as use of the technology shifts from consumer-based equipment to widespread enterprise deployments. All new deployments, as well as any replacement projects which are in place for 802.11, should be with 11n gear, period. The benefits are tremendous. Prices are highly competitive. It's not only here - it's thriving.
 
2. Unified networks

I've been saying this since I first started working with 802.11 - if you have a wireless network, you must have a wired network. They do not exist in a vacuum. So to even think of one as separate from the other is ludicrous. Granted, network management may be a bit different between the two, the network must be viewed as a whole, meaning a unified wired/wireless network. And unified wired/wireless network management systems. Look for lots of development in this area over the next few years.
 
3. All applications are going wireless

Even more to the point, all applications ARE wireless. Users don't distinguish between wired and wireless networks when they sit down to work, so applications shouldn't behave differently either. Fortunately, 802.11 has been well specified to deal with this and the cases where applications don't behave well over wireless are few and far between. Though VPN and other tunneling protocols may be exceptions, we're also seeing rapid improvements in these areas as well.
 
4. Wireless security is a myth

Maybe it's more like "wireless security is mythical" based on all of the iterations and misconceptions that have developed over time. This topic has truly been covered to death, so let's just sum it up: WPA2 is easy to use and highly secure, perhaps even more so than your wired network. The debate is over; the myths are debunked. More to the point is that security is a policy, not just a technology, and this policy transcends both the wired and wireless network. For example, authentication can and should take place on the wired network (802.1x), even when users are wireless. The policy must be integrated and consistent, and cover all use cases, whether wired or wireless. This is a topic unto itself for perhaps a deeper dive in an upcoming blog entry.

5. Increased distributed operations

Wireless networks, especially in the enterprise, are often deployed with what I call the "Old McDonald's Farm" approach - "here a WLAN, there a WLAN, everywhere a WLAN". In other words, WLAN's are seen as a "fill in" technology to cover only specific areas where wired coverage may be difficult or where large numbers of transient connections may be required. Fortunately, just as we all outgrow the joys of "Old McDonald Had a Farm," enterprises are outgrowing this deployment mentality in favor of organized, distributed wireless deployments with centralized management. This of course plays into most of our 5 key themes, including unified networks and unified security policies. The last step is high quality, tightly integrated, centralized management and assurance tools for both wired and wireless. Only then do we achieve true unification.
 

So, why does any of this matter to you? Wireless will save you money and increase productivity, and that's with what has been available so far - a/b/g networks and limited integration between wired and wireless network management. With 11n and an upcoming focus on wired and wireless network unification, we're on the verge of something really big. We'll no longer be singing, "Old McDonald Had a Farm" while planning our wireless network. We'll be scoping wireless into our overall network architecture, and including wireless as an integral part in our selection of network management and assurance tools as well as our network usage policies. Oh yeah, and we'll be saving even more money and making our "network customers" ecstatic.
 

3 benefits of 802.11n

By WildPackets on June 18, 2009 6:00 AM | No Comments | No TrackBacks

802.11n is a newer standard of WiFi LAN, or wireless local area network technology. For context, preceding standards have equally "exciting" names including 802.11a, 802.11b and 802.11g. Joking aside, in what seems to be consistent in the world of technology, the hype around 80211.n in the trades and blogosphere outpace current realities and deployments.

 

In fact, while not yet mainstream - to date it has not been ratified as a standard by the Wi-Fi Alliance - 802.11n has been mentioned in articles and blogs more than 1,000 times in the past six months according to ITDatabase.

 

Beyond the general appeal of 802.11n being the latest and the fastest WiFi LAN, there are certainly benefits with 802.11n - three worth mentioning in particular.

  

1) Better range

 

While users can expect a variance of capabilities in client devices using 802.11n depending on a host of variables, 802.11n products for consumers and small businesses deliver at least twice the range of 802.11g products. If you add in enterprise Access Points (AP), the range can grow well beyond that.

 

2) Runs on 5-gigahertz spectrum

 

802.11n runs on the 5-gigahertz spectrum, which is beneficial because there are fewer devices in that spectrum. By comparison, 802.11b and g run at 2.4- gigahertz. Many have had to move from b and g just to avoid interference with microwave ovens, cordless phones, Bluetooth, etc. Their environments were too noisy yielding too much interference. They literally had to change technology - to 802.11a, which also runs on 5-gigahertz spectrum - to fix their issues.

 

3) Backwards compatibility

 

As mentioned above, 802.11a runs on the 5-gigahertz spectrum while b and g runs at 2.4- gigahertz. Here's the cool part - n also runs on 2.4 and 5. What's the significance? Backward compatibility. Prior, 802.11a was not backwards compatible with b or g. It was a cost benefit issue on changing technologies. Now, those who have invested in either spectrum have an option to start upgrading to n. They simply take parts of their environment as necessary to the 5-gigahertz spectrum, which removes a lot of their interference while at the same time having complete backwards compatibility with all their b and g technology.

Google Maps Mania

By WildPackets on June 12, 2008 12:18 PM | No Comments | No TrackBacks

Two years ago, WildPackets released the first version of the Google Map Plug-in for OmniPeek. It was an instant hit then, and continues to be the most downloaded plug-in on the WPDN.

The Google Map Plug-in is free, so that is a pretty good reason to at least try it. But more than that, it is a compelling mash-up of two very useful applications. Since then, WildPackets has released a virtual army of Google Map downloads, including two OmniPeek Google Map Plug-ins, a remote Google Map client for the OmniEngine called OmniMapper, and a very simple to use, standalone Google Map application called PlaceMap. Ok, so that's only 4. Still, it is more Google Map applications than most companies have.

In case you don't know, the OmniPeek Google Map Plug-in maps the locations of network devices to the Google Map. Different colored markers are used to represent network devices, where each marker has a color that specifies the amount of traffic from a device. By clicking on a marker, a balloon appears with more information about the IP address. In the balloon, there are also helpful links that will take you to websites with more information about that IP address. The websites include DShield, Whois, SpamCop, and SenderBase.

This week, WildPackets posted a new version of the Google Map Plug-in, as well as a new version of the PlaceMap application to the WPDN. The new Google Map Plug-in is sporting a new look, with a fancy tool bar, and much better marker drawing. PlaceMap has all of the new features of the plug-in, plus it runs all by itself. No OmniPeek necessary. Of course, running within OmniPeek provides much more information about the network. But for high level monitoring, PlaceMap is a good place to start.

The Google Map Plug-in is what we call the good map. It represents all network traffic, or at least the traffic that can be mapped from an IP address to GPS coordinates. This is great for some types of monitoring, but when it comes to network troubleshooting, most IT people are only interested in the bad map. This is the map that displays network devices that are experiencing unacceptable levels of latency. In OmniPeek, we call this an Application Performance Index or APDEX score, and when a users APDEX score exceeds a certain threshold, an event is generated. Sound interesting? Well, we wrote a song about it. Actually, it is a plug-in called the APDEX Google Map. It is the "bad map", and only maps nodes whose APDEX scores have exceeded the specified threshold.

But ah, you have an OmniEngine? Or even better, you have multiple OmniEngines, running at different sites? Hmmm, then you should try OmniMapper. OmniMapper is a standalone Windows client that aggregates nodes from multiple distributed OmniEngines, and maps them all to the same Google Map.

And this is just the tip-o-the-berg. Who knows what we will do next. Actually, I do. :-} But if you have any requests, please let us know.

Throwin' Down The Decoder Gauntlet!

By WildPackets on May 21, 2008 12:19 PM | No Comments | No TrackBacks

I am throwing down the gauntlet! Hands down, WildPackets OmniPeek has the best protocol decoders on the market, and alway will. OmniPeek decoders are an interactive, extensible, and tightly integrated part of the application, and that is what I am going to focus on today.

I have been writing decoders for over 9 years, and I have seen a lot of decoders. Some are good, and some are really bad. But WildPackets decoders are great. First of all, they are a pleasure to look at. The color schemes and layout are very nice, and help to distinguish the various layers and fields of a packet. They can also be copied and pasted into other applications, and they can be saved to a file in numerous formats including text, html, and rtf.

I have heard through the decoder grapevine, that decoders have become a commodity. In some ways, maybe that is true, but my conspiracy theory is that most analyzer companies do not want to invest in their decoders anymore, because they need to develop and offer new products. We understand that protocol decoders will always be at the heart of protocol analysis, so we continue to invest in our decoders, and our unique decoder technology.

When comparing decoders, most people talk about the number of protocols that an analyzer supports. This number is important, and OmniPeek sports a huge number of them. In fact, according to our support website, OmniPeek decodes over 1,000 protocols and sub-protocols. However, every company counts their decoders differently, and some just get silly, claiming to decode many thousands of protocols. Well guess what, there really aren't that many protocols out there anyway, and of the total list, most are esoteric, and will never occur on your network. So really, the protocols you have on your network are supported by most analyzers. What really matters is how well the decoders are integrated into the rest of the analyzer, and how this helps you troubleshoot and solve network problems. And that my friend is where OmniPeek breaks through the clouds, and shines like the sun on a beautiful day.

When it comes to decoder integration, my all-time favorite feature is the Decoder Column in the packet list. The Decoder Column is off by default. This may be because it is simply too powerful for mortal men and women. But, if you want to be all that you can be, go ahead and turn it on. This is achieved by right clicking in the packet list headers, moving the cursor to the bottom of the menu, and enabling the Decoder Column. Once the Decoder Column has been enabled, every decoder field in every protocol layer, can be viewed in the packet list for every packet, at the same time. This is a mouthful, and might take a moment to sink in. But when you get it, you will realize how huge this is.

No other protocol analyzer has this type of tight integration with its decoders. What this allows you to do is see a decode field, or a whole decode layer, for multiple packets at the same time. This makes it much easier to compare decoder field values for different packets without having to select a packet, and look at the decode, and then select another packet, and look at the decode, and what was the value of the first packet again?

With the Decoder Column, the number of fields in the packet list are virtually infinite. But how can that be? Infinite is a very large number, right. Ah, that is where it gets interesting. In OmniPeek, decoders are not compiled into the program. No, no, no. In OmniPeek, the decoders are written in a special decoder language, that is optimized for protocol decoding. The decoders are in files that end with .dcd and are read from the decodes directory. This means that you have access to all of the source for all of the decoders.

But this is unlike open source, because you do not need to spend thousands of dollars on a compiler to modify Omni decoders, or even know what a compiler is. Instead, when OmniPeek runs, it reads the .dcd files automatically. This means that you can add new .dcd files, and change existing .dcd files all you want. The more decoders you have in the decode directory, the more functionality you are adding to the product. OmniPeek users do this all the time, for all kinds of reasons. It is a huge differentiator, and again illustrates the tight integration that OmniPeek has with its decoders, and in general the extensibility of OmniPeek that I am always raving about.

The Decoder Column is not the only way in which decoders are leveraged in OmniPeek. Searches for packets can also be done on the decoded text of the packet. Some folks are not aware of this, because the UI to access this functionality is maybe not as obvious as it could be. But basically, go to the Edit Menu, and choose Find Pattern. In the Find Pattern dialog, select "Decoded Text", and type in the label or value that should be in the decoded text of the packets you want to find. Again, because of the extensibility of the decoders, the number of fields you can search for are virtually infinite.

Ok, let's say you're convinced, and have decided to change a decoder, enhance a decoder, or write your own. As I mentioned before, there are many reasons to do this, which I will not focus on here. Instead, I will go full circle, back to the Decoder Column. This is because when you do stuff to the decoders, you are extending the program in numerous ways. We call this synergy, and it is some powerful mojo. By adding new decoders, or even fields to an existing decoder, you are adding new fields that can be displayed in the Decoder Column. This is why the number of fields in the packet list are virtually infinite.

I know, most people will not actually write a decoder, but if you need to, you can. Also, this is how WildPackets is able to stay ahead of the decoder games, and whip them out as quickly as we do. This is also what separates the decoders from the core product, so that new decoders and decoder fixes can be released periodically, without having to release a new version of OmniPeek. For example, in our Custom Engineering Division at WildPackets, we often write custom decoders for our customers. When we do this, the deliverable is simply a .dcd file, not a whole new release of OmniPeek.

For those folks who do write decoders, WildPackets offers a visual decoder debugger called Decoder Studio. It is on the WPDN, and is free for maintenance customers. Decoder Studio was modeled after the look and feel of Microsoft Visual Studio. It allows you to step through the decoders, one line at a time, and see the decode appear bit by bit, as the packets are being decoded. While stepping, you can see the code, the stack, variables, and lots other state. For a decoder guy like myself, it as indispensable tool. There are many other features in Decoder Studio that I won't go into detail here. If you want to try it out, head over to http://wpdn.wildpackets.com and download the Decoder Toolkit, from the Tools section of the Downloads page.

Have you tried the Decoder Column? What did you think? Have you written a decoder? How was it? We would love to hear about your experience, and any feedback or suggestions you may have about our decoders.

To overlay, or not to overlay, that is the question

By WildPackets on April 18, 2008 1:35 PM | No Comments
Most wireless networks evolve. They start out simple, with coverage in a few specific locations, like a conference room and the lobby waiting area. The network is used mainly by guests, so performance and reliability are not a focus - the network is a "nice-to-have" - and little or no network monitoring or troubleshooting is required. But employees become dependent on the wireless conference room access, and demand access from more locations and expect to have the performance and reliability characteristics of the wired network. The network grows, and so does the need for network analysis and troubleshooting. Given that the wireless coverage is still "spotty", portable network analysis - like that provided by OmniPeek running on a laptop - seems to fit the bill. Eventually the wireless network grows to cover the entire workspace, and it becomes a viable alternative to wired access. At this stage the network requires 24x7 monitoring and analysis. This just can't be accomplished with a portable solution. But with 20+ APs spread over 200,000 square feet, how can you be where the trouble is, and where it's occurring?

The only alternative has been "overlay networks" - a system of wireless sensors deployed within your wireless network. This approach is expensive, with both a significant up-front cost for all of the sensors and their management software, and an on-going cost to manage this "management network" network. But now you have a choice - to overlay or not to overlay, that is the question. WildPackets AP Capture Adapters for both Cisco and Aruba allow any managed AP, or a number of APs simultaneously, to be put into packet capture mode, acting as sensors only when needed. Though this implies a slightly more dense deployment of APs, it is still far cheaper than an overlay network, and it provides tremendous flexibility for capturing wireless packets - you can collect from anywhere, anytime, with the click of a button. Typical high-quality, enterprise-wide wireless deployments are designed with overlapping wireless coverage in mind anyway, so often times no additional hardware is required. Using only the AP management console and WildPackets' OmniPeek, you can monitor, analyze and troubleshoot your entire wireless network, using your existing hardware and without getting up from your desk.

Interested? The WildPackets AP Capture Adapters for Cisco and Aruba are all you need to get started, and they are freely available from MyPeek.

WildPackets and Extensibility

By WildPackets on March 6, 2008 12:23 PM | No Comments | No TrackBacks

In my previous blog entry, I gave a history lesson on the rise and fall of the NetGen Empire, and why being acquired by NetScout won't help either of them. Although there are many reasons why this will be the case, a glaring lack of APIs and extensibility, an area near and dear to me as a Developer Evangelist, is an obvious one.

In sharp contrast to the closed box mentality of the NetScout and Network General applications, is WildPackets' OmniPeek product line. WildPackets continues to innovate with major new releases, each one improving on every aspect of the technology, including the gorgeous user interface. With the most recent release of the OmniPeek 5.0 product line, WildPackets became the first vendor to offer 802.11n wireless analysis. This is huge, and nobody else has it.

As a solution, the OmniPeek product line has API's coming out of its ears, a developer network with 3000 members, a developer website with all kinds of useful extensions and source code, and a full-time Developer Evangelist and Custom Engineering Team. The plug-ins and source code on the WildPackets Developer Network, also known as the WPDN, are free to maintenance customers.

As the needs of WildPackets'™ customers change, the API's allow the products to be extended to meet those needs. Two examples of this are automation and analysis. Many companies use OmniPeek to test their own products, which they do over and over again. With WildPackets API's, the analysis on the back-end can be developed as plug-ins, and the tests themselves can be automated through API's on the front-end.

These API's have allowed WildPackets to integrate and partner with other vendors like Cisco, Aruba, and AirTight. These companies offer Access Points and Probes that can be used by OmniPeek to collect packets from different channels of the wireless network. What's more, the API's allow packets from multiple probes to be aggregated in real-time into a single capture. This solution, called Multi-Channel Analysis (MCA), allows engineers to perform roaming analysis and other types of analysis across channels. This measurement, up till now, has been a laborious and time consuming task that wireless engineers have performed by hand.

And the list of integration partners goes on and on, particularly in the area of wireless cards, where OmniPeek has more support for different wireless cards than any other vendor.

The most famous and innovative example of integration is the Google Map Plug-in, which maps the IP addresses captured by OmniPeek into the Google Map. However, the biggest demand is for application layer viewers for email, instant messaging, web pages, and so on. The API’s make it possible for WildPackets to keep up with the application layer viewing needs of its customers without changing the core product.

To aid the developer community in the creation of plug-ins for the OmniPeek product line, WildPackets has developed a Plug-in Wizard that integrates with Microsoft Developer Studio. This wizard generates plug-ins, with source code, allowing the developer to quickly create plug-ins, over and over again. This makes rapid prototyping and development of custom solutions easy and cheap.

Although scripting and plug-ins are the two primary ways to extend OmniPeek, other API's are available as well, and I will be talking about them in the future.

Free can be very expensive

By WildPackets on January 13, 2008 12:21 PM | No Comments | No TrackBacks

Recently, WildPackets did a study on the growing cost of rogue network access, and found that this is a problem that 25% of IT managers are spending more than 10 hours per week trying to solve. For many companies, the amount of time and money spent on network security will continue to increase as the number of telecommuters grows to 100 million by 2008.

Why is this, and what can be done to avoid it?

The problem is simple. Instead of investing in the best commercially available training and tools available for the long term, many companies are looking to save money in the short term. One way to save money now is to invest nothing. This is very dangerous, and not recommended under any circumstance. By investing nothing in network security, a problem that exists and must be addressed, companies inadvertently spend more, in wasted time and software development that is outside their core business.

Here is how it happens. The IT staff, tasked with network security and no budget, will do what they can for free. This is an honorable thing to do, and in their defense will show how much they have done, with so little money. Free is a tricky term though. And in the end, free can be very expensive.

You see, "free", in this context involves people spending time, often times developing software. This is a big red flag, and one that you should watch out for, and avoid. As we all know, time is money, and development requires a lot of both. Development includes creating tools from scratch, and using open source software, neither of which are free. On the contrary, they are investments, and expensive ones at that.

Just think about it. If your organization is a bank, a hospital, a branch of government, or even a database company, should it be investing in the development of network security software? Is that your core competence? Dare I say not. And by the way, finding an open source solution is not free at all. The many hidden costs including research, compilation, maintenance and training, all add up.

And when the local expert decides to leave the company, what do you do then? Who are you going to call? Not if, but when that happens, you are either going to continue sliding down the slippery slope of "free" software, or you are going to do what should have done in the first place, and buy WildPackets OmniPeek.

WildPackets has been at work, developing OmniPeek for every 20 years. If you add up the total hours invested, you get a very very big number. Trust me, this is a number of hours that you do not want to invest your own money into, for a problem that has already been solved. For a fraction of that price, IT can invest in and use OmniPeek to solve all of its network security problems. And when new IT staff come on board, trust me again, they will already know how to use OmniPeek. In fact, it should be on their resume.

WildPackets OmniPeek software and hardware solutions provide visibility into the entire network. WildPackets also provides training on network security and network troubleshooting. Investing in WildPackets significantly lowers TCO and increases ROI. To learn more, join in and listen to one of our regularly scheduled web seminars. Schedules and registration are posted on our home page.

Remember, packets never lie!

« VoIP Troubleshooting | Main Index | Archives