• New Delhi, India
  • 011-4161 5459
  • info@khushicomms.com
Net.Shark: TAP + Packet Filtering
You are here: Home \ Net.Shark: TAP + Packet Filtering

Net.Shark.front.rb

Net.Shark: TAP + Packet Filtering

Net.Shark is a FPGA based Tap with filtering capabilities, that connected in pass-through mode, is able to capture traffic at wire-speed. Packets are transmitted through two ports and traffic compliant with one of the filters is sent to Wireshark.

Wireshark is a network packet analyzer to examine communication network. Important features are: live packet data capture, display packets with very detailed protocol information, open/save data, import/export from/to other programs. It can search/filter data on many criteria. Wireshark is open source and probably the best packet analyzer available.

Features and Benefits

Net.Storm.test

  • World first hand-held, battery and 100% autonomous TAP
  • Hardware (FPGA) performace
  • Breaks out FDX traffic into separate streams to be dropped
  • It may aggregates filtered traffic to one DROP port into a single output stream
  • Traffic Regeneration

Filters

Net.Storm.platform

  • Sixteen (16) simultaneous filters can be applied to the traffic
  • Ethernet source and destination MAC addresses
  • Selection of MAC address sets with masks
  • Ethertype value with selection mask
  • VLAN-VID with selection mask
  • VLAN-CoS value with selection mask
  • IP source, destination, and source-and-destination
  • IP address group: subset of addresses filtered by masks
  • Protocol encapsulated in the IP packet (TCP, UDP, Telnet, FTP, etc.)
  • DSCP field, single value and range
  • TCP/UDP port, single value and range
  • Agnostics filters defined by 16 bits masks and user defined offset
  • Lawful filter: 64 byte pattern match at any place in the frame payload

Users

  • Any Wireshark user requiring GbE performance
  • VoIP providers and installers
  • R+D centers
  • Law applications

First hand-held Tap in the market

Mirror ports may not provide 100% of network traffic if they are over-subscribed because this process works in background in low priority; moreover it may not even be available for use when necessary. It may also occur that to monitor multiple network channel or VLAN simultaneously and aggregate the data to your network analysis cannot be possible because of the complexity of the set up and execution process.

PCs executing protocol analyzers like Wireshark lack power capacity and traditional taps cannot be moved easily and always depend on another external device because are not self contained. Once you get the traffic there are still limitations such as FDX capture, jitterless timestamp, or field storage of captured data that may only be overcame with a hand-held field tap such Net.Shark.