Network analyser gets trigger happy

Fluke handheld has text strings in its sights

By Bryan Betts • Get more from this author

Posted in Enterprise Security, 19th January 2007 16:23 GMT

Free whitepaper – Extended Validation SSL Certificates

Fluke Networks says it has added security features to the latest version of its OptiView handheld network analyser, including the ability to use string matching to trigger the capturing of network traffic.

The idea of searching for, or filtering on, text strings is hardly new. However, Fluke says OptiView Series III can use free string matching to scan for words or phrases in the network traffic in real time, even at Gigabit speeds.

It claims that the technique allows the handheld device to detect events such as security violations and solve intermittent network performance problems. The text string could be an error message, say, or something relating to an unauthorised program, and would trigger OptiView to capture network traffic for analysis.

"The combination of free string match and trigger is a great tool to solve an issue I run into frequently. Now I can enter the error message the terminal receives from the server, trigger on it and capture the traffic around the event - before and after," said OptiView user Mike Pennacchi, of Network Protocol Specialists.

Fluke said that other new features in OptiView Series III include 802.1x authentication, Gigabit line-rate traffic generation and Internetwork Throughput testing, encapsulation-independent protocol filtering, application-level traffic analysis, and application-layer bounce charts for application performance visualisation.

Free whitepaper – Securing your Microsoft Internet Information Services (MS IIS) web server