I’m currently evaluating network analysis tools to support assessment projects at Dell.
On a recent onsite engagement, a colleague suggested that I check out Fluke Networks’ ClearSight Analyzer for application analysis. I was really impressed with its ease of use and its ability to quickly highlight application layer traffic. It provides real-time monitoring through an intuitive, appealing display.
ClearSight Analyzer also supports Wireshark format captures, though it appeared to provide reduced detail for analysis compared to native ClearSight capture files. It also highlights errors or issues detected with a particular network flow. I’m finding that more projects are requiring network assessment and analysis to extend up to layer 7, so this tool from Fluke definitely deserves a closer look.
As well, I plan to dive deeper into Opnet’s Application Performance Management Suite, in particular AppResponse Expert.
In the meantime, I always like to plug open-source projects, and Wireshark is absolutely a must-have tool for network analysis. It does demand some investment to uncover more advanced functionality, but the effort is well worth it simply for the exposure to application-specific protocols and data traffic.