InformationWeek
Defining The Business Value Of Technology
September 13, 1999
 Print this story |
continued page 2 of 2
EtherPeek 3.5 For Windows
EtherPeek 3.5 is simple to install and has an accessible interface that lets you begin capturing traffic right away. The statistical functions are useful, and it displays them in easy-to-grasp formats.
The utility includes a number of tools for Internet-use monitoring, including URL and newsgroup access tracking, and filtering of connection-request messages to servers from unauthorized address groups.
EtherPeek's documentation is accessible and does a good job of explaining what the statistics mean and how to use the data gathered to isolate network problems.
Configuration of EtherPeek is straightforward, and the interface is simple. Simply clicking on the capture button begins packet capture, although most administrators will want to use the trigger or filter functions to begin capturing data when there's an error or to filter out data that isn't interesting; otherwise, the disk can fill up pretty quickly with data you don't need.
You can use EtherPeek to monitor a switched-network environment, using the switch's management interface (usually telnet/text) to redirect all frames destined for the port you want to monitor to the management port. You then plug the machine running EtherPeek into the management port to see all traffic for the mirrored port.
EtherHelp, a packet-capture application, monitors other network segments and sends the data to the EtherPeek Console. This is equivalent to the supplemental probes in Observer, but at no cost, although they're not quite as easy to set up and use. You can also output statistics in HTML, so they can be viewed from any browser.
I found EtherPeek to have the most-accessible interface of the tested products. While the others performed the same functions, they often required more steps to access them, or required configuring filters (even if only to say "don't filter," before use). EtherPeek is the easiest to start using.
Observer 6.2
The network I monitored runs TCP/IP, NetBIOS, AppleTalk, and IPX/SPX on Ethernet. While all the tools support at least token ring as well, I didn't test that. I used each program to capture data on network traffic, showing percentages of each kind of traffic, to look for errors such as bad packets or protocol errors and to collect historical data. All performed the basic functions I expected to find.
And from our sister publications:
AG Group Inc.'s EtherPeek 3.5 for Windows is a 32-bit Ethernet packet-level network traffic and protocol analyzer. It provides packet capture, decoding, and filtering, and has a number of useful plug-ins that provide additional information on packets such as AppleTalk or Novell's IPX/SPX.
Network Instruments LLC's Observer 6.2 is a 32-bit Windows application for traffic management and troubleshooting, designed for shared and switched environments. It has a mature interface, and it seems to be the most oriented to a multisegment enterprise network. The latest version offers voice-over-IP H.323 protocol decoding. 
continued...page 3
return to page 1
Back to This Week's Issue
Featured Microsite
