
Introduction to Protocol Analysis

What is "Packet-Level Analysis" and why is it important?

"Packet-Level Analysis" is the process of capturing individual conversations between devices with a protocol analyser and then decoding the captured packets so that they can be examined and assessed for correct operation. Wireshark, AirMagnet Spectrum XT, AirMagnet Analyser Pro and OmniPeek are common examples of protocol analyser software packages, and the AS Consultants protocol analysis team uses them to provide packet-level analysis.

What is the process of performing analysis of 802.11, TCP/IP, and other protocols using a protocol analyser?

User data and application software information are transferred across a wired Ethernet or wireless 802.11 WiFi network in collections of data bytes called "packets". Each packet contains information identifying the devices, programs, and operating system elements that are involved in the exchange of data. Internal configuration information, software requests, and their replies are part of the packet exchange. When conversations are analysed at the packet level, the overall operation and the detailed internal behaviour of the communicating devices are exposed. A trained, experienced protocol analysis engineer can examine the captured packet-level data and draw conclusions about problems that are not necessarily related to 802.11 RF signals, noise, or interference.

What types of problems can be identified during packet-level trace file protocol analysis?

Because the internal behaviour and state of the system and application software are revealed by the packet-level behaviour, protocol analysis can disclose a variety of possible problem sources or inefficiencies.

Problems that are manifested at the protocol level include:

  • Default Gateway IP address assignment by DHCP

  • Incorrect DNS server specification

  • DHCP lease time misconfiguration

  • TCP stack overflow and buffer memory deficit

  • RADIUS 802.1X credential failure

  • VLAN misconfiguration

  • QoS priority issues

  • 802.11 CTS/RTS implementation errors

  • IP address conflicts

  • Frame or data payload size limitations

  • Block-ack misconfiguration errors

  • Unauthorised network access attempts

  • Denial-of-Service attacks

  • Man-in-the-Middle hacking attempts

  • Wi-Fi Direct and wireless printer issues

We also offer a free Packet Capture Analysis service to analyse a single capture and report against it.

Call us for more information …
