Using a Packet Analysis Tool
Packet analysis stands out as a vital part of network administration for even the most experienced network administrators. When it comes time to optimize the performance of your network and your applications, you simply must have a deep packet analysis tool.
In 2014, SolarWinds Response Time Viewer for Wireshark first made headway as one of the most versatile deep packet analysis tools on the market.
Through Response Time Viewer, users can read Wireshark packet capture files and break down their application response times, network response times, application ID, and traffic volume. All of these data points allow the user to see how an application’s performance is affected. The strength of the platform has led SolarWinds to become a market leader in the world of deep packet analysis and network management.
SolarWinds has made waves because it provides IT professionals with a cohesive packet analysis tool that cuts right to the heart of what’s happening on their network. Administrators don’t have to spend hours manually troubleshooting a slow application.
In a nutshell, SolarWinds Response Time Viewer for Wireshark is an application that can:
- Analyze Wireshark capture files
- Break down application and network response times
- Break down display data and transaction volume
SolarWinds Response Time Viewer for Wireshark takes data from Wireshark and automatically analyzes it. All the user needs to do is export a .PCAP file from Wireshark into Response Time Viewer to start analyzing packets. The user can then view the response times for their network and the application. This helps to assess whether poor performance is rooted in an application or the network itself.
What is SolarWinds?
SolarWinds is a company that provides IT management software to enterprises and individual users. SolarWinds Response Time Viewer and Network Performance Monitor have become very popular amongst IT professionals the world over. The company has emerged as a network management solution provider that enables organizations to monitor their IT infrastructure through simple user interfaces.
What is Wireshark?
Wireshark is a free and open-source tool for analyzing network traffic and packet transfers. Many refer to it as a ‘packet sniffer’. It is available on Windows, Unix and Linux. Wireshark analyzes packet transfers in client-server transactions that are used to monitor network protocols. At its core, Wireshark is about troubleshooting a poor user experience.
In other words, Wireshark is a core component of any professional administrator’s toolkit. The program has gained a reputation as one of the most popular tools for conducting manual packet analysis. The problem with Wireshark is that, if you don’t use enough filters, you can quickly become inundated with irrelevant data. This is where SolarWinds comes in.
Response Time Viewer takes the data acquired from Wireshark and adds filters before exporting the data back into Wireshark. Data obtained from a Wireshark packet capture is broken down even further with deep packet analysis. For the user, this not only increases network transparency but makes it much easier to spot network inefficiency.
What is Deep Packet Analysis?
Before we get to SolarWinds Response Time Viewer itself, it’s important to explain deep packet analysis. Deep packet analysis and deep packet inspection are the names given to a type of data processing that examines the contents of data exchanged through your computer.
Your computer sends information to the network in packets, which have a label identifying their name, where they’re coming from, and where they’re going. A deep packet analysis tool like Response Time Viewer allows you to open up the contents of these packets for further inspection. IT administrators can then use this information to troubleshoot their network infrastructure.
Deep packet analysis is primarily used to monitor the quality of experience. The most popular deep packet inspection tool on the market is Wireshark. Wireshark offers capture and display filtering alongside complex data screens for data analysis. You can measure network and application response time. Network response time is how long it takes for a packet to transfer from the sender to the receiver. Network latency is dependent on a number of factors such as network routing, serialization delay, and speed of light propagation delay.
SolarWinds Response Time Viewer for Wireshark allows the user to measure these factors and identify how their network can be optimized to improve performance. By using a deep packet analysis tool for quality of experience monitoring, an admin can improve the end user experience. In short, these tools can optimize the performance of an enterprise scale network infrastructure.
SolarWinds Response Time Viewer for Wireshark complements Wireshark because it allows the user to conduct deep packet analysis with much better filters than what Wireshark uses by default. Deep packet analysis, also referred to as deep packet inspection or packet analysis, breaks down transferred packets and assesses any performance problems. Response Time Viewer acts as a network diagnostic tool.
You capture network traffic on Wireshark and export it in a .PCAP file into Response Time Viewer. This can then be analyzed by the user. SolarWinds’ software is very versatile in how it can capture packets and analyze packet transfers. The depth of the platform is surprising as well; SolarWinds Response Time Viewer can detect around 1,200 applications.
Deep packet analysis allows you to identify changes or issues that are affecting application performance. Through SolarWinds’ platform, you can judge whether an application is faulty or slow due to network inefficiency. This is incredibly useful for maintaining a diverse enterprise-level IT infrastructure.
Without a doubt, one of SolarWinds’ biggest selling points is its price. Deep packet analysis is extremely expensive at the enterprise level, but Response Time Viewer can be downloaded for free. The extensive functionality of Response Time Viewer stands up to even the most expensive deployable packet analysis solution.
Enterprises looking for more extensive features can also use SolarWinds Network Performance Monitor to use additional DPI technology and conduct exhaustive packet analysis. Though this isn’t free, its competitive price of $3,000 beats out a lot of competition. This makes it an ideal choice for SMEs and enterprises looking to maximize cost efficiency.
Using SolarWinds Response Time Viewer for Wireshark
In order to use Response Time Viewer for Wireshark, you need to have Wireshark installed. Wireshark can be downloaded for free through their community website. Likewise, Response Time Viewer can be downloaded from the SolarWinds site. The ease of access to these two tools makes them extremely convenient for both new and advanced users.
One of the main uses of Response Time Viewer is to determine the cause of slow application response times. SolarWinds makes it easy to import Wireshark data into the Response Time Viewer via a .PCAP file.
Once the data is on Response Time Viewer, you can break it down into a variety of metrics: application response time, network response time, data volume, and transaction volume to monitor fluctuations in performance. These metrics are great for running diagnostics on your local network and virtual cloud-based applications.
For newer users, using SolarWinds Response Time Viewer couldn’t be simpler. You can simply start capturing network packets and export them to SolarWinds. Then just find the captured file and click the Analyze button. This keeps the overall analysis time low so you don’t have to spend ages sifting through menus before getting to the issue at hand.
Once the exported file loads, you can start analyzing the packets via the Response Time Dashboard. If you move your cursor over an application, you’ll raise a small orange box providing a breakdown of network and application response times. This will tell you everything you need to know about what is slowing down an application’s performance.
SolarWinds has embraced exporting files as a two-way street as well. You’ll notice that you can export files back into Wireshark with ease through the use of a filter. You simply highlight the application you want to filter and then click Export. This reduces the amount of time needed to search through packet data. On many other packet analysis tools, this process can be quite time consuming.
In many ways, Response Time Viewer acts as a filter. One of the most common problems with packet analysis tools is that they provide you with too much information. This is problematic because analyzing network packets is impossible if you can’t set aside the noise. SolarWinds Response Time Viewer does a great job of allowing the user to easily identify network packet issues with its simple metrics and search function.
Addressing Slow Application Response Time
As touched on above, SolarWinds’ primary purpose is to run diagnostics on applications with slow response times. On cloud-based servers, Response Time Viewer is a lifesaver in terms of troubleshooting because you don’t need control over an application or server in order to run packet analysis.
Once you pull a Wireshark trace and export it into SolarWinds, you can start to break down the difference between network delay and application delay using the network response time and application response time window.
SolarWinds Response Time Viewer allows you to compare the difference between the Network Delay and Application Delay present in your IT environment. You can export this by selecting the dataset and clicking on the Export Selected button on the bottom right of the page.
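The split between network delay and application delay described above, as an added example (not from the original article and not SolarWinds' implementation). It assumes network delay is the TCP handshake round trip (SYN to SYN/ACK) and application delay is the time from the first request byte to the first response byte minus that round trip; the packet records, addresses and the function name `response_times` are constructed for illustration.

```python
from collections import namedtuple

Pkt = namedtuple("Pkt", "ts_ms src dst flags payload")

# Constructed sample records (not a real capture), timestamps in milliseconds.
WEB, DB = "198.51.100.5:443", "203.0.113.9:3306"
PACKETS = [
    Pkt(0, "192.0.2.10:50000", WEB, "S", 0),        # flow 1: slow application
    Pkt(20, WEB, "192.0.2.10:50000", "SA", 0),
    Pkt(21, "192.0.2.10:50000", WEB, "A", 0),
    Pkt(22, "192.0.2.10:50000", WEB, "PA", 310),
    Pkt(42, WEB, "192.0.2.10:50000", "A", 0),
    Pkt(492, WEB, "192.0.2.10:50000", "PA", 1200),
    Pkt(1000, "192.0.2.10:50001", DB, "S", 0),      # flow 2: slow network
    Pkt(1180, DB, "192.0.2.10:50001", "SA", 0),
    Pkt(1181, "192.0.2.10:50001", DB, "A", 0),
    Pkt(1182, "192.0.2.10:50001", DB, "PA", 64),
    Pkt(1372, DB, "192.0.2.10:50001", "PA", 500),
    Pkt(2000, "192.0.2.10:50002", WEB, "PA", 100),  # flow 3: handshake not captured
]

def response_times(packets):
    """Return {(client, server): network/application delay in ms} per TCP flow."""
    flows = {}
    for p in sorted(packets, key=lambda p: p.ts_ms):
        if p.flags == "S":                     # first SYN marks the client side
            flows.setdefault((p.src, p.dst), {"syn": p.ts_ms})
            continue
        f = flows.get((p.src, p.dst))          # client -> server direction
        if f is not None:
            if p.payload:
                f.setdefault("req", p.ts_ms)   # first request byte
            continue
        f = flows.get((p.dst, p.src))          # server -> client direction
        if f is None:
            continue                           # no handshake seen: cannot measure
        if p.flags == "SA":
            f.setdefault("synack", p.ts_ms)
        elif p.payload and "req" in f:
            f.setdefault("resp", p.ts_ms)      # first response byte
    out = {}
    for key, f in flows.items():
        if not {"synack", "req", "resp"} <= f.keys():
            continue                           # incomplete exchange
        nrt = f["synack"] - f["syn"]
        art = max(f["resp"] - f["req"] - nrt, 0)
        out[key] = {"network_ms": nrt, "application_ms": art,
                    "slower": "network" if nrt > art else "application"}
    return out
```

Flows whose handshake is missing from the capture are left out of the result, because the network round trip cannot be measured for them.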
Pros
- Builds on the functions native to Wireshark and improves the filtering process.
- Analyzing imported packet captures from Wireshark is easy. All you need to do is press the ‘Analyze’ button to start reviewing an app.
- SolarWinds Response Time Viewer’s metrics make it easy to see response time data. After clicking Analyze, you are shown the network response time, application response time, data volume, and transaction volume present on your network.
- The user interface is incredibly simple to use. You can navigate between numerous tools via the tabs, which cover everything from MySQL to HTTP and Skype. You can also type in the search bar to find a particular piece of data.
- Supports multiple file formats such as PCAP, PCAPNG, CAP, 5VW BFT, TR1 and SNOOP. This provides versatile file coverage that matches the needs of IT professionals.
- SolarWinds also enjoys an excellent support community. Their support forum on Thwack is home to over 150,000 users who can assist with any technical concerns you may have. This is great for new users learning and troubleshooting the platform.
Cons
- SolarWinds Response Time Viewer only works with Wireshark packet captures. Most users will be using Wireshark anyway, but it is worth noting that it isn’t compatible with every platform on the market.
- If you’re looking for an expansive network management solution, SolarWinds Response Time Viewer isn’t what you’re looking for. It’s a great deep packet analysis tool, but if you’re looking for additional network management functions, then you’re better off paying for a program like SolarWinds Network Performance Monitor.
A Good Choice For Network Monitoring?
Even though SolarWinds Response Time Viewer is an excellent packet analysis tool, it falls short of a complete network monitoring solution. If you’re looking for a platform with the potential to manage an entire network infrastructure, then SolarWinds Network Performance Monitor (NPM) is probably a better fit.
While you can conduct detailed response time analysis with Response Time Viewer, tools like NPM allow you to analyze data from all active equipment on your network. So if you’re looking to use SolarWinds Response Time Viewer as a stand-in for a complete network monitoring tool, you might want to try an alternative program like NPM instead. However, if you just want a packet analysis tool, then Response Time Viewer should be your number one choice.
Deep Packet Analysis with Simplicity
Many new users expect Response Time Viewer to be complex, but it only takes the user a matter of minutes to settle into its intuitive design. One of the reasons why Wireshark has dissuaded newer users is because it overwhelms them with data. By taking a barebones approach in terms of its UI and metrics, Response Time Viewer makes packet analysis simple.
You don’t have to spend hours manually troubleshooting; simply click Analyze and start optimizing your network. The icing on the cake is that you don’t have to waste hours working out whether the network or an application is at fault for poor performance. For individual users, this makes a large difference, but for an enterprise-scale organization, it will make a monumental difference.
In the world of network management, time is money. Response Time Viewer does an excellent job of reducing the amount of time spent analyzing. While Response Time Viewer isn’t without its issues—mainly its lack of support for non-Wireshark packet analysis—it’s a great tool. If you’re looking for a program to support your Wireshark usage, then you should definitely consider downloading this program as an alternative. For deep packet analysis, there’s no better choice.