Archive

Posts Tagged ‘Colasoft’

How to Use Capsa Network Analyzer for VoIP Analysis

May 20th, 2018 No comments

Capsa network analyzer provided VoIP analysis since v7.8 and made improvement in v10.0 . Now, v11.1 supports both SIP and H.323 protocol, and it can also analyze RTP media flow when signaling packets are not captured.

Voice over Internet Protocol(also voice over IP, VoIP or IP telephony) is a methodology and group of technologies for the delivery of voice communications and multimedia sessions over Internet Protocol(IP) networks, such as the Internet, Intranet or LAN. Nowadays, VoIP is used widely because of the cheap price and convenience.

In this article, we will show you how to use Capsa network analyzer for VoIP analysis.

1. Enable related options of VoIP analysis before capturing the traffic

Set Analysis Profile

Figure 1: Set analysis profile settings

Enable VoIP Analysis

Figure 2: Enable VoIP analysis

Select Analysis Project

Figure 3: Select Analysis Project

Display VoIP Call

Figure 4: Display VoIP Call

2. View the No-signaling flow in the VoIP Call View

If we want to analyze RTP media flow without signaling, we should configure RTP in the System Option first. Click “Add” button, configure the address info and media info, and click “OK” button.

RTP Configuration

Figure 5: RTP Configuration

3. Go to VoIP Call View for the detailed information about VoIP calls

VoIP Call Summary

Figure 6: VoIP Call Summary

The VoIP Summary View includes an upper pane and a lower pane.

The upper pane displays the MOS_A distribution, MOS-V distribution, call status distribution, call codec types, and call event distribution, for SIP calls or for H.323 calls.

The lower pane displays network traffic statistics, call statistics, and SIP statistics for SIP calls or H.323 statistics for H.323 calls.

VoIP Call View

Figure 7 : VoIP Call View

The VoIP CallView also contains an upper pane and a lower pane. The upper pane lists VoIP call records.

The following table lists and describes the columns for the VoIP Call tab.

VoIP Call Tab

Figure 8 : VoIP Call Tab

The MOS value, Jitter, Packet Loss and Max Latency are important metrics to evaluate VoIP call quality.

The lower pane displays information for the VoIP call selected on the upper pane, and it includes two parts: the left part and the right part.

The left part displays a VoIP call hierarchically, including the control flow and media flow information for the selected call on the upper pane, and the right part shows Time Sequence tab, Packets tab, and Statistics tab for the selected flow on the left part.

4. Replay audio and video streams.

Capsa network analyzer is able to replay audio and video in the VoIP calls. Double-click the audio/video flow (marked with red rectangle in following screenshot), the audio/video flow will be played automatically.

Media Flow

Figure 9 : Media Flow

For SIP calls, audio based on following codecs can be played: G.711/a, G.711/u, GSM, BV32, Speex, PCM. Video based on following codecs can be played: H.264 (unencrypted), H.263(unencrypted), Mp4v-es.

For H.323 calls, audio based on following codecs can be played: G.711/a, G.711/u, GSM. Video based on following codecs can be played: H.264 (unencrypted), H.263(unencrypted).

The audio for playing is .wav, and the video for playing is .avi. To play the audio/video, please make sure the machine is installed with the player which supports the .wav and the .avi formats.

5. View IP addresses related to the VoIP calls in the VoIP Explorer.

IP Addresses

Figure 10 : VoIP Explorer

VoIP Explorer contains the IP addresses which are related to VoIP calls, and the IP addresses are sorted according to the rules for IP Explorer.

When a specific node is selected, the right pane only displays statistics related to the node.

6. Make graphs for VoIP calls.

In the dashboard tab, we can click SIP, H.323 or no signaling option to show the VoIP call statistics graphically.

We can click to customize VoIP graphs.

Voip Graphs

Figure 11 : VoIP Graphs

7. Make alarm for VoIP calls.

Capsa network analyzer provides alarm function for VoIP calls statistics. Set the Counter and Triggering condition to create a VoIP alarm. If we choose to get the alarm notification via email, then we will receive an e-mail once the alarm is triggered (Need to configure alarm notification first.)

Voip Alarms

Figure 12 : VoIP Alarms

8. Make reports for VoIP calls.

Capsa network analyzer supports making reports for VoIP calls statistics. We can go to Report tab to create a new report or right click the VoIP explorer to make a report. Select the statistical items for the report, type the reference value and specify the unit for each statistical item.

Voip Report

Figure 13 : VoIP Report

9. View VoIP logs.

In the Log tab, there are two different kinds of VoIP calls. VoIP signaling Log and VoIP Call Log. VoIP Signaling Log records the details of VoIP calls.

Voip Log

Figure 14 : VoIP Log

VoIP Call Log records VoIP calls. One VoIP call is recorded as one VoIP Call Log.

Voip Log

Figure 15 : VoIP Log

Colasoft Announces the Release of Capsa Network Analyzer 11

May 20th, 2018 No comments

February 12, 2018-Colasoft Co., Ltd, an innovative provider of network performance analysis and diagnostics solutions, today announced the release of its latest Capsa Network Analyzer, version 11, a real-time portable network analyzer for wired and wireless network monitoring, bandwidth analysis and network troubleshooting.

Capsa 11 has added support for IPv6 packet analysis, including endpoint analysis and conversation analysis based on IPv6 protocol. In the Packet view, if users want to see only IPv6 packets, the Advanced Display Filter can be set to achieve it. Colasoft users can see the information of IPv6 packets in the Packet, IP Endpoint and IP Conversation views.

Besides, Capsa 11 is able to extract and fully reconstruct the files transmitted over FTP, TFTP, and HTTP, as well as SSL certificates. The new version can extract data from captured packets to reconstruct them to corresponding files. SSL Certificate Reconstruction function is to reconstruct the certificates transmitted over the SSL protocol, such as HTTPS, SMTP/SSL.

In addition to IPv6 and File Reconstruction, Capsa 11 has added support to RTP configuration to reconstruct the audio and video in RTP packets without signaling. A Free Trial version is available for download at http://www.colasoft.com/download/products/download_capsa.php

“With the release of Capsa 11, Colasoft has met the increasing customer demand in Ipv6 packet analysis and file reconstruction function”, said Brian Young, Vice President at Colasoft, “Colasoft Capsa now offers the Network Engineer one of the most robust Bandwidth and Packet Analysis tools available.”

Capsa 11 is compatible with Windows XP/2003/2008/Vista/Windows 7/Windows 8/Windows 10 and Windows Server 2012. A free trial is available for download at http://www.colasoft.com/download/products/download_capsa.php

Colasoft Announces Release of Capsa Standard 10.0

May 11th, 2018 No comments

November 28, 2017-Colasoft Co., Ltd, an innovative provider of network performance analysis and diagnostics solutions, today announced the release of Capsa Standard 10.0, a special edition of Capsa designed for Ethernet network monitoring, troubleshooting and analyzing.

Capsa Standard captures 100% of network traffic transmitted over a local host and local network, conducts in-depth network traffic analyzing, and provides statistics and diagnosis data in a simple-straight and graphical style so that users can get what they want with less clicks.

“Capsa Standard is an easy-to-use network tool which help network administrators troubleshoot network problems, pinpoint network bottlenecks and ensure a more efficient and secure network”, said Jane Hu, Marketing Director at Colasoft, “We design this special edition of Capsa for small and budget-limited business, and we believe it will serve as the most cost-effective network analyzer with the price of only $295”.

Top Capabilities of Capsa Standard 10.0:

  • Capture and save data transmitted over local networks and conduct both real-time and post-event analysis
  • Identify and analyze 1040 protocols and sub-protocols, as well as network applications based on the protocols
  • Monitors network bandwidth and usage through data packet capture of network transmissions
  • View network statistics at a single glance, allowing easy capture & interpretation of network utilization
  • Map out IP & MAC address details, including the traffic of each host on the network

Capsa Standard 10.0 runs on Win10/Win8/Win7/Vista/2008. A free trial is available for download at http://www.colasoft.com/download/products/download_capsa_std.php

Colasoft Capsa Network Analyzer v8.3 is Available Now!

March 29th, 2016 No comments

We are very pleased today to announce that a new version of Colasoft Capsa Network Analyzer, a real-time portable network analyzer for wired and wireless network monitoring, bandwidth analysis, and intrusion detection, is now available.

Capsa Network Analyzer v8.3 comes with the following improvements and fixed bugs:

  • The Windows 10 operating system logs off from time to time when starting Capsa.
  • Added name table cannot be auto-saved.
  • Packet files with capitalized extension cannot be replayed.
  • Log View settings in Analysis Profile cannot be auto-saved.
  • For wireless analysis, no packets are shown on the Packet view when a MAC address is selected in the Node Explorer.

A free trial of Capsa network analyzer v8.3 is available for download at:http://www.colasoft.com/download/products/download_capsa.php

Case Study: Credit Union of Denver

January 13th, 2016 No comments
  Colasoft’s products offer several tools to help us identify devices and traffic anomalies on our network. They also offer the Wi-Fi application to assist in further network issues or privacy concerns. Colasoft’s Capsa is affordable and efficient!”

– Benjamin Shumaker, NISO, Credit Union of Denver

Company Brief

As one of Colorado’s oldest and largest member-owned financial cooperatives, Credit Union of Denver provides its members with more overall value in the form of excellent rates, outstanding service, superior products and convenient access. By leveraging over 81 years of experience to keep operating costs low, membership returns high, and by making member satisfaction a top priority, Credit Union of Denver makes achieving financial goals smarter and more rewarding than ever before.

The Challenge

As a credit union, Credit Union of Denver needs quick identification of potential problems. They use multiple PC based applications as well as 3rd party browser based interfaces that require secure, fast, smooth delivery results. Changes to their environment can lead to negative impact on performance of network related information. Therefore, trying to identify the offending application or network breakdown is an urgent challenge of Credit Union of Denver.

The Solution

Comparing with some network analyzer they used before, Credit Union of Denver would like to choose a network analyzer which is easy to understand and adapt. The user-friendly interface of Capsa is what they want.

In the fast-paced financial industry, everything needs a quick result. By using Capsa, Credit Union of Denver is able to immediately identify applications which are inefficient and causing lots of unnecessary network traffic. Colasoft’s Capsa helps the company identify performance issues on network and save time at pin pointing the applications or networks causing the problem.

Voice

“The look and feel was great. Ability to capture packets, inspect, and diagnose were impressive. The overall Mapping ability to see where all the traffic is flowing, most popular hits, or congestive areas were visible.”

“The product was so easy that we did not require any support.”

Contact Info

Address: 9305 W. Alameda Ave Lakewood, Colorado 80226
Phone: 303-234-1700
Email: Secadmins@cudenver.com
Website: www.cudenver.com

View More

Categories: News & Events Tags: , ,

Capsa network analyzer review

October 12th, 2015 No comments
Capsa.png

Capsa network analyzer review from wireshark.com.

Capsa is a powerful network analyzer for Ethernet analysis, troubleshooting and monitoring. Not only does it provide users with a series of powerful features that help them learn more about improving network security, pinpoint network issues and monitor network activities, but it also features a user-friendly interface that makes using it a breeze. The software is generally targeted at computer professionals and/or teachers who want to learn more about networking technology, protocols, monitoring and security.

 

Real time monitoring

As a packet sniffer, Capsa is capable of real time packets monitoring and can also presents the data visually by using logs and a GUI for future reference. Given the fact the software is capable if easily analyzing and diagnosing problems on a network, it can tell the user in minutes what is causing it to be slow or if there is an attack that may be the culprit for its poor performance.

In identifying network issues, Capsa can find the top ten local hosts that slow down the network and can also detect whether someone is using a Bit torrent client to download files off the web which is obviously a prime cause of slow network performance.

Safety and security

Should an attack be responsible for the network’s poor performance, the software will immediately locate the packet info and source codes from the host so that the admin can promptly begin investigating the issue. There are 2 types of worms the software can locate, including operating system works and E-mail worms. This functionality is paramount in identifying the infected computers which eventually allows the admin to fix these issues.

Available filters

In order to be able to focus on specific packets, administrators can use a wide range of filters right from Capsa’s dashboard. For instance, admins can monitor real time messages, http requests, E-mail messages and more of the 4 most popular IM apps including YM, ICQ, AIM and MSN.

Other features

There are of course many other features that Capsa incorporates, such as the ability to generate reports of a certain group or global networks automatically, but also customize the data on different charts. As a network administrator, you can also use the software to remotely monitor traffic by installing the application on the business network (on a workstation of course) and using the Remote Desktop Access function.

Conclusion

All in all, Capsa is by far one of the most reliable and simply the best network analyzers out there. Not only does it offer a wide range of improvements that make using it a breeze, but it makes it very easy for anyone who uses it to find the info they need. On top of that, thanks to functions such as reports, Matrix and Diagnosis, it definitely stands out from the large crowd of similar programs available today.

Source

How to Use Multi-Segment Analysis to Troubleshoot Network Delay and Packet Loss

October 8th, 2015 No comments

Troubleshooting network problems can be a very intensive and challenging process. Intermittent network problems are even more difficult to troubleshoot as the problem occurs at random timeswith a random duration, making it very hard to capture the necessary information, perform troubleshooting, identify and resolve the network problem.

While Network Analyzers help reveal problems in a network data flow, they are limited to examining usually only one network link at a time, thus seriously limiting the ability to examine multiple network segments continuously.

Colasoft’s nChronos is equipped with a neat feature called multi-segment analysis, providing an easy way for IT network engineers and administrators to compare the performance between different links. IT network engineers can improve network performance by enhancing the capacity of the link according to the comparison.

Let’s take a look how we can use Colasoft nChronos’s multi-segment analysis feature to help us detect and deal effectively with our network problems.

Multi-segment analysis provides concurrent analysis for conversations across different links, from which we can extract valuable information on packet loss, network delay, data retransmission and more.

To being, we open nChronos Console and select a portion of the trend chart in the Link Analysis window, then from the Summary window below, we right-click one conversation under the IP Conversation or TCP Conversation tab. From the pop-up menu, selectMulti-Segment Analysis to open the Multi-Segment Analysis window:

Figure 1. Launching Multi-Segment Analysis in nChronos

In the Multi-Segment Analysis window, select a minimum of two and maximum of three links, then choose the stream of interest for multi-segment analysis:

Figure 2. Selecting a stream for multi-segment analysis in nChronos

When choosing a conversation for multi-segment analysis, if any of the other selected network links has the same conversation, it will be selected and highlighted automatically. In our example, the second selected link does not have the same data from the primary selected conversation and therefore there is no data to display in the lower section of the analysis window.

Next, Click Start to Analyze to open the Multi-Segment Detail Analysis window, as shown in the figure below:

Figure 3. Performing Multi-Segment analysis in nChronos

The Multi-Segment Detail Analysis section on the left provides a plethora of parameter statistics (analyzed below), a time sequence chart, and there’s a packet decoding pane on the lower right section of the window.

The left pane provides statistics on uplink and downlink packet loss, uplink and downlink network delay, uplink and downlink retransmission, uplink and downlink TCP flags, and much more.

The time sequence chart located at the top, graphically displays the packet transmission between the network links, with the conversation time displayed on the horizontal axis.

When you click on a packet on the time sequence chart, the packet decoding pane will display the detailed decoding information for that packet.

Using the Multi-Segment Analysis feature, Colasoft’s nChronos allows us to quickly compare the performance between two or morenetwork links. If you’re a network administrator, engineer or IT manager, we strongly suggest you try out nChronos today and see how easy you can discover and deal with network problems.

from: http://www.firewall.cx/general-topics-reviews/colasoft/nchronos-forensic-analysis/1105-network-troubleshooting-multi-segment-analysis-with-nchronos.html

 

Colasoft Capsa Free is a comprehensive network analyzer

October 8th, 2015 No comments

By Mike Williams

Colasoft Capsa 8 Free is a powerful tool for monitoring and analyzing network traffic, the free version of an enterprise package normally costing from $695.

The program has a vast and lengthy list of features, yet it’s also accessible to regular users. Just choosing an adapter and clicking “Start” gets you an attractive dashboard, with graphs showing network utilization, traffic, and top traffic by protocol and domain (keep in mind that Wi-Fi devices can’t be monitored in the free edition).

That’s just the start. Click the Summary tab and you’ll see the data behind the charts, the total numbers of IP and MAC addresses used in this session, the various protocols, DNS queries and responses, SMTP/ POP3/ IMAP 4 connections and a whole lot more.

Maybe you want to zoom in? Choosing one of the Conversation tabs — TCP, say — allows you to drill down, see which packets went to/from which addresses, the packet size, time sent, and more.

Colasoft Capsa 8 Free captures data packets, too, so you’re not restricted to summaries. Selecting any of these items displays the individual packets, and you can choose one, view any text it contains (maybe the password in a POP3 exchange, say). There’s even a detailed breakdown of the exchange, so for example you might view an IP packet to check its IP flags or TTL value.

This level of analysis isn’t just for a few internet standards, either. The program understands and can decode hundreds of protocols, and show you precisely what’s happening in every exchange.

Unsurprisingly, considering the full Enterprise version costs $995, the free build has a lot of restrictions. No monitoring of Wi-Fi devices, only one network adapter may be monitored, only one capture project can be run at a time, that’s limited to 4 hours maximum, only the first 10 private IP addresses will be analyzed, and so on.

Colasoft Capsa 8 Free has more than enough functionality left to make it interesting, though, for everyone from casual users to network experts. Give it a try.

from: http://betanews.com/2015/07/13/colasoft-capsa-free-is-a-comprehensive-network-analyzer/#comments

What’s New in nChronos 4.3?

November 25th, 2014 No comments

Service Port Monitor

nChronos 4.3 provides a Port view and a Service Access view to monitor and analyze service ports. The Port view calculates the statistics based on IP address + TCP/UDP service port. Together with the sorting function of nChronos, you can easily know which service ports are running on the network, and running for which IPs. The Port view further provides other information about the service port, including the application, the uplink and downlink traffic, the service access time, access times, etc. The Service Access view calculates the statistics based on server and client IPs, port number and applications. It provides the access details for each service port. You can drill a service port down to a specific service access session.

Request a demo

VLAN and VPN Virtual Link Support

nChronos 4.3 provides support for virtual links, including VLAN and MPLS VPN. You can add virtual interfaces and set up network links based on the virtual interfaces. There is a VLAN view, which displays traffic statistics based on VLAN ID. An MPLS VPN view is also provided to display traffic statistics based on MPLS VPN label. Together with the name table function of nChronos, you can add names for VLANs and MPLS VPNs.

Millisecond Analysis

Millisecond analysis provides traffic analysis accurate to one millisecond. It is important for users who care about transient traffic burst. Colasoft nChronos 4.3 provides millisecond traffic statistics and millisecond traffic alarm. Users can define any millisecond traffic alarm according to the need. The Millisecond Analysis window displays the millisecond traffic statistics trend charts in real-time.

Multi-Segment Analysis

Sometimes the responses from large websites are very slow, and to find out the system bottleneck for the websites, it is necessary to analyze each link of the websites. Colasoft nChronos 4.3 provides a multi-segment analysis function, which associates and correlates the data of the same conversation collected on two or more network segments, and displays graphical performance analysis results, like packet loss, delay, retransmission, etc., thus providing visibility into the areas where bottlenecks may occur. A Multi-Segment Analysis window has a timeline pane to show the traffic trends of monitored links. When a conversation is analyzed, the conversations on other segments will be picked up and analyzed automatically.

A Multi-Segment Detail Analysis window shows the detailed analysis results and visualizes the conversation flow across multiple segments. When clicking and hovering a packet, correlated packets will be highlighted, the time difference between the packets will be displayed, and the packet view will show the in-depth decoding information for that packet.

Storage Filter

nChronos 4.3 provides Storage Filter for users to store packets that match the filer rules. You can define the filter rules based on IP/MAC address, port number, protocol type, packet size, etc., and only packets matching the rules will be stored. Besides the filter rules, Storage Filter provides a functionality to truncate the stored packet to a specified size. With Storage Filter, you can store interested packets, and even store only the first few bytes of interested packets. It saves storage space, and helps you avoid from policy problems in some environment.

Request a demo

from: http://www.colasoft.com/nchronos/whatsnew.php

Colasoft Delivers nChronos v4.3 with Multi-Segment Analysis

November 23rd, 2014 No comments

Colasoft Delivers nChronos v4.3 with Multi-Segment Analysis

Tulsa, OK – November 19, 2014– Colasoft LLC (www.colasoft.com), an innovative provider of network analysis solutions, today announced a new version of its flagship product, nChronos Forensic Network Analysis Application. The multi-segment analysis leverages the packets recorded by nChronos to make it easier and quicker for network professionals to analyze the root cause of distributed application performance issues.

Most IT managers are have similar difficulty in diagnosing and solving application performance issues. It’s difficult to determine if the fault is in the network, the application, the server, or something else that is unknown. Hours or days are wasted in “finger pointing”. There are many components involved and troubleshooting a multi-segment network is difficult at best. In the past, IT professionals had to capture traffic separately from different points and manually merge the information into a single trace file to determine the root cause. nChronos will now automatically discover which packets and applications were seen at multiple points in the network. nChronos packet data recorder uses advanced algorithms to match data packets across the network. With nChronos v4.3, network problems such as latency, application errors, network anomalies or slow response can be tamed with greater ease and expediency.

nChronos v4.3 provides an even greater user experience with new and useful functionality and improvements. Below are some of the highlights of these new features included in nChronos v4.3:

  1. New views are added including a VLAN View, a MPLS VPN View, a Service Access View and a Port View.
  2. Provides millisecond-level traffic statistics and alarms for network links.
  3. Storage filter is available and packets can be stored with specified length.
  4. Application transaction alarms and application transaction alarm logs are now available.
  5. Packets can be downloaded from multiple network links.
  6. Combination analysis for IPv4 and IPv6 is available.
  7. The packets can now be stamped with switch time.

“We continue to provide an increase in value with additional functionality without sacrificing our easy to use interface. With the addition of multi-segment analysis, as well as the improved Alarm and Reporting function, nChronos now automates the previously tedious process of troubleshooting distributed network issues, with greater efficiency and ease.”, said Brandon Lewis, Director of Customer Support at Colasoft ”.

The evaluation version of nChronos 4.3 is now available on the Colasoft website www.colasoft.com.

From: http://www.colasoft.com/company/news_2014.php