What is A Network Traffic Analyzer
A network security analyzer is a network security tool that provides the ability to analyze data from a given network. This could mean a variety of things depending on the goal of the monitoring, but in general it provides two key services.
What are Examples of Network Traffic Analysis Tools and Services
The first service is the capture of network traffic. This can be done in an active or passive way, and ideally would not impact network speeds. Depending on the type of traffic being monitored, which could be as specific as certain protocols talking to a specific server, or as broad as all traffic flowing in and out of a network, different capture techniques can be used. Most often a network traffic analysis tool will capture as much raw data as possible, so that the data can later be parsed either manually by a security professional, or automatically by analysis software.
The second main service of a network traffic analyzer is the actual analysis capability. This will depend again on the goal and the implementation. Some analyzers can take all the raw data captured on a specific piece of equipment (such as a router) and perform trend analysis type functions, to aid security teams in finding malicious traffic patterns. Other tools, such as those used on advanced firewall appliances, perform inspections of each and every data packet passing through a network, and can watch for malware or network attacks in near real-time.
While these are the two main functions of a network traffic analyzer, they are not the only capabilities. Modern network traffic analysis tools can perform many security and even performance enhancement functions, such as traffic pattern analysis and automatic load balancing. The best thing to do is to understand how each tool could benefit a given environment, and work with an experienced network security team to implement a customized solution.