network analyzer (protocol analyzer or packet analyzer)
A network analyzer (also called a protocol analyzer or packetanalyzer) is a combination of hardware andprogramming, or in some cases a stand-alone hardware device, that canbe installed in a computer or network to enhance protection againstmalicious activity. Network analyzers can supplement firewalls,anti-virus programs, and spyware detection programs.
Network analyzers can:
- Provide detailed statistics for current and recent activity on thenetwork.
- Test anti-malware programs and pinpointpotential vulnerabilities
- Detect unusual levels of network traffic.
- Detect unusual packet characteristics.
- Identify packet sources or destinations.
- Configure alarms for defined threats.
- Search for specific data strings in packets.
- Monitor bandwidth utilization as a function of time.
- Create application-specific plug-ins.
- Display all statistics on a user-friendly control panel.
Network analyzers are not intended to replace firewalls, anti-virusprograms, or spyware detection programs. However, the use of a networkanalyzer in addition to other countermeasures can minimize theprobability that an attack will occur, and can facilitate rapidresponse in the event an attack begins.