Compact L7 Network Traffic Analyzer

“Compact L7 Network Traffic Analyzer” – device for deep analysis of Ethernet traffic of up to 10 Gbit/s, including full L7 decoding, extraction of metrics of user sessions contents and quality, collection and storage of statistics database with real time resolution. Retrospective analysis of failures.

Read more at www.kroznet.com

The solution “Compact L7 Network Traffic Analyzer” corresponds to the requirements of ETSI, orders of the Ministry of Telecom and Mass Communications of the Russian Federation №83 of April 16, 2014: “Оn the approval of regulations on the use of switching systems equipment, including software that provides performance of the established actions when carrying out Operative Investigative Activities”, State Committee of the Russian Federation №47 of March 27, 1999, “Technical Requirements for Lawfully Authorized Electronic Surveillance Systems”, approved by the Ministry of Telecom and Mass Communications of the Russian Federation of November 01, 2003, and “Requirements to telecommunication networks for carrying out OIA”, approved by the Ministry of Telecom and Mass Communications of the Russian Federation №73 of March 27, 2010.

Technical characteristics:

  • Size: 27x23x6 cm;
  • Interfaces: 2x10G Ethernet SFP+;
  • Additional interfaces: 1x1G Ethernet RJ45, USB, monitor, keyboard, mouse;
  • Hard drives: 100Gb;
  • Operating modes: linear dump record, real time analysis, base record statistics;
  • Power supply: 100-240VAC, 50-60 Hz;
  • Weight: 2.5 kg.

Functionality:

  • Analysis of network streams and protocols up to the applied OSI level;
  • Analysis of user connections of RADIUS/TACACS+/DIAMETER/GTP;
  • Collection and storage of detailed statistics database on all streams of a network at any loading;
  • Analysis of traffic quality, integrity, number of repeats;
  • Full traffic dump record at a speed of up to 20 Gbit/s.;
  • Work with a full range of technologies of data transmission and voice, VLAN, IGRP, MPLS, GPRS, CDMA, WiMAX, 4G, LTE;
  • Receipt and decoding of data from channels in full without preliminary filtration;
  • Deep analysis of a tunneled traffic, analysis of PPPoE, GRE, PPTP, L2TP;
  • Analysis of the VoIP, IM protocols.

Connection options:

  • Optical splitter – the main option for high-speed optical communication channels;
  • Traffic mirroring (SPAN port) – duplication of a traffic from one or several switch ports;
  • UTP splitter – highly reliable specialized device for duplication of copper UTP stream.;
  • Traffic aggregators – flexible traffic aggregation/filtering of these channels is possible with traffic branch point array.

Possible purposes of the analysis:

  • Failures, including those which happened the day before (equipment malfunction, overloads);
  • Most loaded or traffic damaging routers in a network/backbone core;
  • Quality of channels balancing, reserve scheme overall performance;
  • Traffic problems of certain users (MTU, TTL, IP-Frag, etc.);
  • Quality of the traffic provided to users (services);
  • Channel band use by various loads in time;
  • Number of users on various NAS, distribution in time, resets;
  • Traffic correlation, internal/external / GeoIP in time;
  • Extent of use of various resources / services (Web, FTP, MAIL);
  • L2, L3, L4, L7 protocol correlation in the channel;
  • Number of VoIP use by users, quality of VoIP service;
  • Routes used in a network for various groups of users;
  • Research of various routers prefix groups, search of the least remote ones;
  • Search of damaging activities, attacks, password matching, spam sources, unaccounted traffic.