network analyzer (protocol analyzer or packet analyzer)

A network analyzer (also called a protocol analyzer or packetanalyzer) is a combination of hardware andprogramming, or in some cases a stand-alone hardware device, that canbe installed in a computer or network to enhance protection againstmalicious activity. Network analyzers can supplement firewalls,anti-virus programs, and spyware detection programs.

Network analyzers can:

• Provide detailed statistics for current and recent activity on thenetwork.
• Test anti-malware programs and pinpointpotential vulnerabilities
• Detect unusual levels of network traffic.
• Detect unusual packet characteristics.
• Identify packet sources or destinations.
• Configure alarms for defined threats.
• Search for specific data strings in packets.
• Monitor bandwidth utilization as a function of time.
• Create application-specific plug-ins.
• Display all statistics on a user-friendly control panel.

Network analyzers are not intended to replace firewalls, anti-virusprograms, or spyware detection programs. However, the use of a networkanalyzer in addition to other countermeasures can minimize theprobability that an attack will occur, and can facilitate rapidresponse in the event an attack begins.