Observe' your Network Closely

PCQ Bureau
New Update

Observer is a 64-bit application that can run on wired as well as wireless

networks. However, it can be used on 32-bit machines also. It can analyze,

monitor and troubleshoot your network on the fly. It provides an instant view of

captured packets and can also present them in a readable format. The software

can provide information about things like bandwidth utilization, load on your

wireless access points and VLANs, analysis of Internet traffic, routers, etc,

all in real time. It has some very effective filters for specific packet types

that can help you analyze specific problems on your network quickly and easily.

It can also send off e-mails and pagers to the network administrator when it

finds any anomalies or attacks on your network.



IT Managers

USP:It lets you analyze both wired and wireless networks

Network Analysis 

It has a neat feature called Traffic Generation, which can generate heavy

traffic on your network and help you stress test it. This feature is useful if

you're planning to deploy a new application, and would like to know how much

juice your network can really take. It provides network trending and detailed

reporting to help you keep an eye on overall health of your network. When run

for the first time, Observer asks you to choose the network interfaces on which

you want to use with it.

Step 1: Create filters

To create a filter for capturing packets, click on Actions on the Menu Bar and
choose 'Filter Setup for Selected Probe.' A window will pop-up where you

will see various groups like Hack Filters, Virus Filters, Wireless Filters, etc.

There will also be some pre-defined filters under each category. You can use any

of these filters as is or customize them.

Observer's UI makes

rule-creation very simple

You can also create a new filter. For this, click on New Filter button,

provide a name for the new filter and click on OK. A new window will open, where

you can create your own filters based on addresses, ports, protocols, errors

etc. Once the filter has been created you can start capturing packets. Click on

the Capture button on the Menu bar and then on Packet Capture. Now the Packet

Capture window will appear on your screen. Here click on Start. Once it has

started capturing packets, you can see details about them in real time.

Step 2: Analyze VLANs on your network

To see VLAN statistics, click on Statistics tab in the Menu bar and choose

VLAN Statistics. A new window will pop-up. Here click on Start and it will start

showing you the number of VLANs you have and their statistics.

Analyze your VLANs with real time graphs

In case you don't have any VLANs created on your network, the window will

display 'No VLAN' under the VLAN column but will still continue to provide

statistics on your network. The VLAN Statistics window will show you details

about broadcasts, multicasts, packets in the network and network utilization (in


Step 3: Expert analysis

Now let's see how you can analyze data using Observer. From the Packet Capture
window, select the View icon and then click on Expert Analysis tab at the bottom

of the Decode display. Here the window will show you the network utilization

graph and just below it, the Network Condition summary, which shows you the

problems detected on the network and their count. Similarly, you can see

Protocols, Top Talkers, Application Analysis, etc by selecting them from the

bottom window.

Expert Analysis examines more network parameters

To see the Network Trends from the Menu bar click on Trending/Analysis and

then on the Start Network Trending Viewer. In Viewer window click on the date

whose network trends you want to see. You can view trends in three ways:

Internet Patrol, IP to IP Pairs Matrix and TCP/UDP

Application Tree.

Step 4: View network traffic reports

Observer lets you create and view reports about activities on your network on a
Web browser. For analyzing the different activities, select Trending/Analysis

tab from the Menu bar and click on Start Web Browser Report. An Explorer window

will open with the Trending Report Library. Here you'll find detailed reports

pertaining to different tasks such as the network summary, Internet usage,

Application Analysis, VLAN, etc. These provide a good insight of the state of

your network.

You can view detailed reports in a Web browser