Protocol analyzers: Dos and don'ts

Front-line advice on getting the most from protocol analysis and enterprise monitoring tools

As with any tool, protocol analyzers need skilled implementation. Here is advice from the front lines.

Read more in the companion article Protocol analyzers: How to choose and use them (no registration is required).

DO make sure you have the right expertise on your network operations and security teams to make effective use of protocol analysis tools to troubleshoot network problems, tune firewalls and other security devices, and investigate the cause of attacks on the enterprise.

In a large organization, chances are there are IT people with the right credentials to make effective use of these tools, but they are thin on the ground. "A lot of network admins would be stunned by what they see in Wireshark," says Opus One's Joel Snyder. Generally, look for experienced network engineers or security personnel with a strong hands-on background configuring network firewalls and intrusion-protection systems.

Your tech folks should have a thorough understanding of protocols and how they work, so they can quickly examine the packet captures, determine where the issues are and remediate them. Experienced pros can apply this knowledge to security and application issues as well as network operations.
