Packet Analysis

    What is Packet Analysis?

    Packet analysis is a primary traceback technique in network forensics. Provided the captured packet data is sufficiently detailed, it can replay even the entire network traffic for a particular point in time.

    In the context of packet capture, it also refers to the analysis of identified, captured, and documented packet data so that a security operations center (SOC) can determine the source of a network error, breach, or security threat.

    What are the benefits of Packet Analysis?

    Network data can be analyzed, and network traffic can be segregated by type, using purpose-built software. When captured, stored, and processed efficiently, network packets can be used in forensic investigations, and may even provide admissible evidence against a suspect in a court case. Packet data can be used to find traces of nefarious online behavior, data breaches, unauthorized website access, malware infection, and intrusion attempts, and to reconstruct image files, documents, email attachments, and other content sent over the network.
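
    Segregating captured traffic by type, as described above, shown as an added example that is not from the original page or the products it lists. It reads a classic pcap file and counts packets per traffic type; the function names, port-to-label table, and sample capture are constructed, and it assumes untagged Ethernet frames carrying IPv4.

```python
import struct
from collections import Counter

# Port-to-label table: constructed and heuristic (a port is a hint, not proof).
PORTS = {25: "SMTP", 53: "DNS", 80: "HTTP", 443: "TLS"}
ORDER = {0xA1B2C3D4: "<", 0xD4C3B2A1: ">"}  # pcap magic -> header byte order

def classify(frame):
    """Label one Ethernet frame by traffic type."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return "non-IPv4"
    ihl = (frame[14] & 0x0F) * 4           # IPv4 header length in bytes
    proto = frame[23]                      # IP protocol number
    l4 = frame[14 + ihl:]
    if proto == 1:
        return "ICMP"
    if proto not in (6, 17) or len(l4) < 4:
        return "other-IP"
    sport, dport = struct.unpack("!HH", l4[:4])
    name = PORTS.get(dport) or PORTS.get(sport)
    return name or ("TCP-other" if proto == 6 else "UDP-other")

def segregate(pcap):
    """Walk a classic pcap file (bytes) and count packets per traffic type."""
    endian = ORDER.get(struct.unpack("<I", pcap[:4])[0])
    if endian is None:
        raise ValueError("not a classic pcap file")
    counts, off = Counter(), 24            # skip the 24-byte global header
    while off + 16 <= len(pcap):
        _, _, incl, _ = struct.unpack(endian + "IIII", pcap[off:off + 16])
        frame = pcap[off + 16:off + 16 + incl]
        if len(frame) < incl:              # capture cut off mid-record
            counts["truncated"] += 1
            break
        counts[classify(frame)] += 1
        off += 16 + incl
    return counts

def _frame(proto, sport, dport):
    """Constructed frame: Ethernet + 20-byte IPv4 header + source/dest ports."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 24, 0, 0, 64, proto, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return b"\x00" * 12 + b"\x08\x00" + ip + struct.pack("!HH", sport, dport)

def sample_capture():
    """Constructed pcap: one DNS packet, two TLS packets, one ARP frame."""
    frames = [_frame(17, 40000, 53), _frame(6, 40001, 443),
              _frame(6, 443, 40001), b"\x00" * 12 + b"\x08\x06" + b"\x00" * 28]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return out + b"".join(struct.pack("<IIII", 0, 0, len(f), len(f)) + f
                          for f in frames)

if __name__ == "__main__":
    print(dict(segregate(sample_capture())))
```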

    Related Glossary Terms

    QoS, or quality of service, is key to ensuring the performance of critical applications on a network. Learn how QoS works and its benefits.

    A protocol analyzer is an essential tool for network operations. Protocol analyzers act as a vital intermediary between devices within a network, allowing administrators to gain valuable insights into the active communication between these devices.

    By encrypting “stolen” files and demanding a ransom payment for the decryption key, bad actors force organizations to pay a ransom because it is sometimes the easiest and most cost-effective way to regain access to the files.

    Encryption is a data security practice that converts normal, readable information into an unintelligible cypher. Once network traffic is encrypted, it can only be accessed by authorized users with a key, or by advanced encryption practices that can decode cyphertext. This process allows organizations to safely move confidential and sensitive information around without exposing it to bad actors.

    Packet loss causes reduced throughput, diminished security, and other issues in your network. Learn about causes and effects and how you can mitigate its impact.

    Threat hunting is the practice in which an organization’s security operations center (SOC) proactively searches for cyber threats that are lurking undetected in the organization’s network.