What is deep packet capture?
Packet capture is the act of capturing data packets crossing a network. Deep packet capture (DPC) is the act of capturing complete network packets (header and payload) crossing a network. Once the packets are captured and stored, deep packet inspection (DPI) software tools can review the network packet data, perform forensic analysis to uncover the root cause of network problems, identify security threats, and ensure data communications and compliance.
Solera Networks' DS Appliances can be coupled with DPI and can help manage, inspect, and analyze all network traffic in real time at wire speeds while keeping a historical archive of all network traffic for further analysis.
Full Transcript of the Video
What is Deep Packet Capture? Deep Packet Capture, or DPC, is the practice of capturing complete network packets, including header and payload, crossing a given network. Once captured, these packets may be stored for in-depth search and analysis.
Generally, deep packet capture devices have the ability to capture packet data from layer two through layer seven and write this data at full line rates to large storage arrays. For extended views or for archival purposes, having the ability to address very large arrays, that is, in excess of 100 terabytes, is a must.
Deep packet capture devices may also have the ability to limit or categorize traffic through the use of ingress and egress filtering.
Packet data can then be replayed at the rate it was captured or at a faster or slower speed to accommodate the speed of the analysis tool.
Deep packet capturing storage is used to troubleshoot network outages, pinpoint security breaches, replay actual traffic events, and simplify compliance with internal policies and external legislative mandates.
The practice of historical capture and analysis provides the user with context as to why alerts were generated. Combined with DPI and other tools, Deep Packet Capture provides a powerful solution for full network visibility, finally answering the question: What happened on my network?
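The following is an added example, not part of the video or of any Solera Networks product. It checks whether a stored capture really holds complete packets (header and payload) and computes the send times for replaying it at a chosen speed. It assumes the classic little-endian pcap file format; the sample capture is constructed, and the function names are illustrative.

```python
import struct

PCAP_MAGIC = 0xA1B2C3D4  # classic pcap, little-endian, microsecond timestamps

def build_sample_pcap(snaplen):
    """Constructed capture: three frames of 60, 1514 and 590 bytes on the wire."""
    out = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, snaplen, 1)
    for usec, wire_len in ((0, 60), (250_000, 1514), (400_000, 590)):
        kept = min(wire_len, snaplen)  # a capture tool keeps at most snaplen bytes
        out += struct.pack("<IIII", 1_700_000_000, usec, kept, wire_len)
        out += bytes(kept)  # zero bytes stand in for the frame contents
    return out

def read_records(blob):
    """Yield (timestamp_usec, captured_len, wire_len) for each record."""
    if len(blob) < 24 or struct.unpack_from("<I", blob, 0)[0] != PCAP_MAGIC:
        raise ValueError("not a little-endian microsecond pcap file")
    offset = 24  # skip the global header
    while offset < len(blob):
        if offset + 16 > len(blob):
            raise ValueError("truncated record header")
        sec, usec, incl, orig = struct.unpack_from("<IIII", blob, offset)
        offset += 16 + incl
        if offset > len(blob):
            raise ValueError("truncated record body")
        yield sec * 1_000_000 + usec, incl, orig

def audit_capture(blob):
    """Return (records, truncated_records, missing_bytes)."""
    records = truncated = missing = 0
    for _ts, incl, orig in read_records(blob):
        records += 1
        if incl < orig:  # payload was cut off at capture time
            truncated += 1
            missing += orig - incl
    return records, truncated, missing

def replay_offsets(blob, speed=1.0):
    """Send time of each packet, in seconds after the first, at a replay speed."""
    if speed <= 0:
        raise ValueError("speed must be positive")
    stamps = [ts for ts, _incl, _orig in read_records(blob)]
    return [(ts - stamps[0]) / 1_000_000 / speed for ts in stamps]

if __name__ == "__main__":
    for snaplen in (96, 65535):
        print(snaplen, audit_capture(build_sample_pcap(snaplen)))
    print(replay_offsets(build_sample_pcap(65535), speed=2.0))
```

A capture taken with a 96-byte snap length keeps headers but loses most of the payload, so later inspection of that archive cannot see application content; the audit makes that loss measurable before the archive is relied on for forensics.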
Deep Packet Capture on Wikipedia
www.dpacket.org