Deep Packet Inspection and GeoLocalization
Deep Packet Inspection
CapAnalysis during the network traffic analysis tries to identify the protocol of each flow. To do that it uses the Deep Packet Inspection (DPI). Thanks to that feature it is possible to filter, using the filtering tool, the flows in base to the protocol.
The protocols that CapAnalysis can identify are more than 140 and inside this set of protocols there are:
| TeamViewer | Skype | Spotify | TeamSpeak | RTP | MEGACO | Oracle | YouTube | ||
| PCAnywhere | WindowsUpdate | Apple iTunes | Viber | SIP | RTCP | DropBox | WARCRAFT3 | ||
| VNC | RDP | SSL | AFP | SSH | MGCP | Tuenti | IPSEC | ESP | Yahoo |
GeoLocalization
For each connection CapAnalysis tries to identify the country of the destination point (server, …),for this task it uses the powerful tool which comes from MaxMind . This feature is enabled for both the IP versions: IPv4 and IPv6. CapAnalysis includes natively the MaxMind database. Also in this case it is possible to filter the flows inside the dataset in base to the country.
Italian Design
Copyright © 2012-2019 Gianluca Costa
All rights reserved.
Copyright © 2012-2019 Gianluca Costa
All rights reserved.