/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsSwapnil Arora
Observer is a 64-bit application that can run on wired as well as wireless networks. However, it can be used on 32-bit machines also. It can analyze, monitor and troubleshoot your network on the fly. It provides an instant view of captured packets and can also present them in a readable format. The software can provide information about things like bandwidth utilization, load on your wireless access points and VLANs, analysis of Internet traffic, routers, etc, all in real time. It has some very effective filters for specific packet types that can help you analyze specific problems on your network quickly and easily. It can also send off e-mails and pagers to the network administrator when it finds any anomalies or attacks on your network.
|
It has a neat feature called Traffic Generation, which can generate heavy traffic on your network and help you stress test it. This feature is useful if you're planning to deploy a new application, and would like to know how much juice your network can really take. It provides network trending and detailed reporting to help you keep an eye on overall health of your network. When run for the first time, Observer asks you to choose the network interfaces on which you want to use with it.
Step 1: Create filters
To create a filter for capturing packets, click on Actions on the Menu Bar and choose 'Filter Setup for Selected Probe.' A window will pop-up where you will see various groups like Hack Filters, Virus Filters, Wireless Filters, etc. There will also be some pre-defined filters under each category. You can use any of these filters as is or customize them.
| Observer's UI makes rule-creation very simple |
You can also create a new filter. For this, click on New Filter button, provide a name for the new filter and click on OK. A new window will open, where you can create your own filters based on addresses, ports, protocols, errors etc. Once the filter has been created you can start capturing packets. Click on the Capture button on the Menu bar and then on Packet Capture. Now the Packet Capture window will appear on your screen. Here click on Start. Once it has started capturing packets, you can see details about them in real time.
Step 2: Analyze VLANs on your network
To see VLAN statistics, click on Statistics tab in the Menu bar and choose VLAN Statistics. A new window will pop-up. Here click on Start and it will start showing you the number of VLANs you have and their statistics.
|
|
|
Analyze your VLANs with real time graphs |
In case you don't have any VLANs created on your network, the window will display 'No VLAN' under the VLAN column but will still continue to provide statistics on your network. The VLAN Statistics window will show you details about broadcasts, multicasts, packets in the network and network utilization (in percentage).
Step 3: Expert analysis
Now let's see how you can analyze data using Observer. From the Packet Capture window, select the View icon and then click on Expert Analysis tab at the bottom of the Decode display. Here the window will show you the network utilization graph and just below it, the Network Condition summary, which shows you the problems detected on the network and their count. Similarly, you can see Protocols, Top Talkers, Application Analysis, etc by selecting them from the bottom window.
| Expert Analysis examines more network parameters |
To see the Network Trends from the Menu bar click on Trending/Analysis and then on the Start Network Trending Viewer. In Viewer window click on the date whose network trends you want to see. You can view trends in three ways: Internet Patrol, IP to IP Pairs Matrix and TCP/UDP
Application Tree.
Step 4: View network traffic reports
Observer lets you create and view reports about activities on your network on a Web browser. For analyzing the different activities, select Trending/Analysis tab from the Menu bar and click on Start Web Browser Report. An Explorer window will open with the Trending Report Library. Here you'll find detailed reports pertaining to different tasks such as the network summary, Internet usage, Application Analysis, VLAN, etc. These provide a good insight of the state of your network.
| You can view detailed reports in a Web browser |
Source: PCQuest