14 DAY TRIAL // Troubleshooting network problems is not a job for the average Joe, as it involves solid knowledge in order to get to the root of the problem. Aside from this, traffic analyzing tools are also required for the task.
There are plenty of such utilities on the market and some of them are free and extremely capable, although they do come with a steep learning curve.
Capsa network analyzer is available in three editions, one more feature-rich than the other. The simplest of them is free of charge, but its abilities are restricted to selecting between multiple adapter monitors and saving files manually. It also comes with a 4-hour usage per session restriction and the maximum limit of IP addresses monitored is 20.
The Professional edition ($695 / €550) evaluated below provides much more functionality, as there is no time limit for sessions and it supports multiple adapters, network TAPs, and multiple monitoring sessions.
The full-blown Capsa is Enterprise edition ($995 / €775) and encompasses the full range of features, such as diagnosis capabilities that can indicate anything that is out of the ordinary, based on specific analysis routines and customizable thresholds.
Getting Capsa Professional on the system is a simple task that also proposes the installation of additional tools that can help with the traffic analysis. You can choose not to rely on these tools, though.
Accompanying the main program are a MAC scanner, a packet builder, a ping utility, and a packet player that can open captured packet trace files and play them in the network.
Despite being a tool for professionals, Capsa benefits from a very user-friendly interface that comes prepared with a few profiles. Their availability allows starting the network analysis the moment the application is launched.
These are customized for dedicated analysis of the entire network or just of specific traffic (HTTP, DNS, POP3 and SMTP, FTP, or IM). There is the possibility to create additional analysis profiles that can monitor a combination of these protocols.
As soon as one of the profiles is selected, Capsa is ready to start sniffing the network and record what is going on. To make things simpler, the purpose of each profile is explained on the right-hand side of the screen.
Although this is an application for IT professionals, the statistics are displayed within easy reach in tabs at the top of the screen and you should have no trouble understanding them if you have some networking experience.
However, the tool is not for just about anybody, because the level of detail can get quite deep. By default, the Dashboard shows graphs with the total number of bytes passing through as well as a top with the most active nodes and protocols. More charts can be added by right clicking on the title bar of any of the existing ones.
Capsa provides all the information neatly arranged in order to reach it in the easiest manner possible. The statistic tabs at the top of the page present the details broken down according to their type.
You can check the network communication according to MAC addresses, IPs, or protocols; moreover, it can list the packets captured along with decoding information (where possible).
Additional possibilities include viewing the stats for conversations between two IPs, MAC addresses, and those carried through TCP and UDP.
Filters can be applied to avoid wading through all the details to reach relevant information. These can be created either by using simple rules that involve defining the relationship between IP addresses or ports as well as by mixing in parameters like protocol, size of the packet, type of content, and the relationship between them.
Configuring Capsa is nothing fancy. The list of options allows customizing the set of the objects the application monitors, enabling and defining the packet buffer size, deciding on the packet filtering options (which ones are accepted or rejected), and enabling log saving.
Furthermore, the application includes an alert function that can be triggered by specific events, according to the monitored objects: traffic, packet size distribution, IP, protocol, DNS, FTP, email, or HTTP analysis. Both trigger and release settings are provided in the same panel.
With all the information it provides, Capsa may seem like a daunting utility, but the way all the details are arranged and the documentation available on the developer’s website and in the application itself can encourage even less experienced users to at least give it a try.
On the other hand, the price and its purpose are not exactly inviting and make it clear that its usefulness lies with IT professionals needing a quick and easy way to check packets traveling across the network and the origin and destination of the various connections.
The Good
Organization of the captured data makes it very easy to find the relevant details, and the app comes with a nice way to create custom reports. The alarm function can alert of specific statistics or traffic status of the network.
