Cloud monitoring tools: Troubleshooting with Wireshark in the cloud

As traditional network monitoring tools slowly evolve into cloud monitoring tools, Wireshark moves gingerly into network troubleshooting in the cloud.

Traditional network monitoring tools are beginning to take on a new role as cloud monitoring tools.

As enterprise networks become more complex with the addition of private, hybrid and public cloud environments, network monitoring and troubleshooting tools are evolving to accommodate the cloud. 

Just because a cloud environment can be out of sight doesn't mean it's out of the minds of IT administrators and network engineers. IT professionals are turning to tried-and-true network monitoring and troubleshooting tools -- like Wireshark -- in order to manage and troubleshoot cloud services.

Open source network protocol analyzer Wireshark has been widely used as a network troubleshooting tool, traditionally behind the firewall for packet analysis by network engineers. The tool is now becoming a cloud troubleshooting option for the enterprise, said Jonah Kowall, research director of IT operations management for Gartner Inc.

While the easy-to-download troubleshooting tool may not have all the bells and whistles of a broad-spectrum analysis tool, Wireshark can help security and networking administrators optimize traffic across any network, said John Pironti, president of consultancy IP Architects LLC.

Will the enterprise need cloud monitoring tools?

Wireshark's real use case for cloud environments will depend largely on how well it will be able to integrate with other cloud monitoring tools.

Because cloud environments are usually much larger than the typical enterprise network, network administrators may use Wireshark as part of their due diligence activities for network monitoring, but not as a solo solution for traffic capturing, Pironti said.

"Wireshark is a great technician's tool for dissecting environments and looking for very specific network issues, but it will not be used alone in a large environment -- like the cloud," Pironti noted.

Enterprises can use network monitoring tools like NetScout and NetWitness in conjunction with Wireshark for high-level packet capturing and behavioral analysis. These technologies, he said, are also widely used as probes within a cloud environment, providing advanced monitoring capabilities that Wireshark can't offer alone in the cloud.

"There's no question that any [enterprise] with network infrastructure, including cloud infrastructure, can use the tool -- but there's still a question of scalability," Pironti said.

Network visibility is restricted in a hybrid or public cloud environment, and enterprise IT administrators may not be able to view the full scope of their cloud provider's network. But in-house IT does not have to rely strictly on its cloud providers for troubleshooting and monitoring. "IT should still be able to debug and analyze network problems for their users," said Joe McEachern, founder and CEO of QA Café, an IP test solutions provider.

QA Café, a longtime Wireshark user, has developed CloudShark, a packet-level network monitoring application for securing, sharing and analyzing capture files.

"Some enterprises might think that a cloud environment takes away the need for tools like Wireshark, but it's not true. IT is still going to be applying traditional tools to look at packets, even if it's just between the enterprise and their provider," McEachern said.

Because Wireshark is traditionally a desktop tool, QA Café developed CloudShark to make capture files accessible in a Web environment on any device.

"It acts as a bridge between desktop applications and Web-based applications," said McEachern, noting that any enterprise network administrator using Wireshark for troubleshooting would be comfortable using CloudShark in a Web environment.

Will Wireshark evolve into a cloud monitoring tool?  

"For troubleshooting any type of problem that goes over any network, [IT] can definitely use traditional [networking] tools to capture network traffic from the server," Gartner's Kowall said, adding that network administrators can then use Wireshark to analyze traffic at the packet level.

And Wireshark is particularly good at digging down into the weeds of the network, Kowall noted. "While Wireshark won't be a cloud diagnostic tool, the tool applies to cloud the same way it can be applied to the data center or a home network," he said.

The cloud is a network just like any other traditional network, and while Wireshark won't prevent or correct network issues quickly, "it's a good last resort option for the networking team," Pironti said.

Let us know what you think about the story; email Gina Narcisi, News Writer, and follow @GeeNarcisi on Twitter.

This was last published in September 2012
