Home |  Wireshark Review |  Kismet Review |  Capsa Review |  Nagios Review |  NetFlow Review  | Sawmill Review |  Network Glossary


What is a network protocol analyzer?

A network protocol analyzer is a combination of programming and hardware and in certain cases, a separate hardware device that can be installed in a network or computer in order to improve its security level against viruses and other types of malicious activities.

What does a network protocol analyzer do?

A network analyzer is basically designed to monitor a network with the purpose of identifying suspicious activities. If such activities are detected, the NPA will alert the admin about it. Therefore, anyone who wants to make sure their network is fully protected from viruses, malware, adware and similar infections should certainly consider using a NPA.


An NPA can:

1. Display all stats on a user friendly control panel.

2. Create app specific plug-ins.

3. Analyze bandwidth usage as a function of time.

4. Look for particular data strings in packets.

5. Configure alarms for predetermined threats.

6. Identify packet destinations or sources.

7. Recognize peculiar packet characteristics and levels of network traffic.

8. Detect potential security vulnerabilities by testing anti malware programs.

9. Provide specific stats for recent and current network activity.

Note: It's very important to keep in mind that network protocol analyzers aren't intended to be used as replacement for spyware detection software, antivirus software or firewalls. Using one is only for the purpose of improving network security, since it can lower the probability that an attack will occur and can also offer swift response in the event such an attack does happen.

Choosing and implementing a network analyzer

When used as a corporate security tool, it's important to keep in mind that a NPA needs to be distributed since this is going to make it possible for it to cover all of the network's areas. On top of that, the NPA should also be capable of capturing and decoding all protocols from every type of media, including 802.11, WAN, Ethernet, etc) on which the corporate data flows.

It's essential that the NPA also supports flexible filtering that’s capable of allowing triggered notifications. After all, NPA will only be capable of capturing and decoding data it can actually understand. Therefore, if it's going to be used in a switched network environment, then it's only going to detect the traffic that’s local to the switch.


It's important to keep in mind that a NPA will never replace antivirus software, anti malware programs and firewalls. Its purpose and role is that of improving network security by alerting the admin when an infection has occurred so that he can take the necessary steps to remove it as soon as possible.

Network analyzers Reviews and Tutorials

We offer reviews, tutorials on the best network analyzers both software and hardware monitoring tools and services. Before purchasing or downloading any network analyzer or monitoring tool, be sure to read our Wifi Network Analysis products and services reviews web pages. We also offer a small Network Glossary, which shows you a list of Wifi specific terms and definitions.

Copyright 2015 WireShark.Com. All rights reserved.
All information on this website is free of charge and is given without warranty.
WireShark.Com is in no way affiliated with Ethereal WireShark.