Is it the Application or the Network? You Can Tell with Deep Packet Analysis!
Every day, network engineers and systems administrators point their fingers and blame the other for poor application performance and user experience (I bet you can hardly believe this?). SysAdmins proclaim, “It’s the network!” While network administrators reply, “No, it’s the application!” However, the IT industry is increasingly recognizing and leveraging the value and utility of packet-level analysis, also called deep packet inspection (DPI) or just packet analysis, to help settle this debate.
Packet analysis involves capturing (by making a copy of through a TAP) and inspecting network traffic packets that flow between a client and a server. Typically, this is accomplished with a tool commonly referred to as a network or packet Sniffer . The most commonly used sniffer is the open source Wireshark®, which can be installed on a workstation or laptop. While Wireshark is a very capable tool, it is typically moved around and used only on an as-needed basis. It also requires a lot of skill to properly configure and use to capture and analyze packet flows. At the other end of the spectrum are a number of specialized appliances that perform high-throughput packet inspection and archiving, but are typically reserved for larger enterprises due to the deployment costs and technology knowledge required to use successfully. There’s not a lot of visibility solutions in between for the average IT department.