Unsniff for Network Administration


Unsniff can help you troubleshoot like no other tool. Unsniff's stream analysis, combined with its powerful scripting abilities, enables you to write forensic analysis tools. The following groups will benefit from Unsniff Network Analyzer:
  • Security Analysts
  • Network Administrators
  • Field Personnel

Top features for network administrators

One-stop statistics

Unsniff Network Analyzer comes with powerful performance statistics capabilities built in. You can view the current top-N conversations for IP, Ethernet, and IPv6 hosts. You can also view the current bandwidth used in bytes/sec and packets/sec. We designed our Statistics window as a one-stop dashboard for the most frequently used reports.

Roll your own

For a network administrator, the main strength of Unsniff is its extensibility and scripting capabilities. Unsniff gives you the tools to roll your own administration tools. There are plenty of network and protocol analyzers, but they do not provide you with an environment to write your own tools. You have to contact their "services department" to get them to include simple functionality.

For example, we recently talked to a talented web network administrator who wanted his network analyzer to simply print out which countries were hitting what resources on one of his websites. A simple report of URL -> list of countries was all he needed. With Unsniff, he was able to write a simple script in Ruby to accomplish this.

As a network administrator you will frequently encounter such situations. Unsniff enables you to break free of canned reports and analysis. You can also mine through captured data and perform security analysis.

Create your own reports

For users coming from tools that have many canned reports, it may seem that Unsniff is lacking these reports. The reality is that a majority of those canned reports are hardly ever used and result in information overload. Unsniff can generate many such reports easily via its scripting interface. For example, see the packet length distribution, traffic report, and advanced TCP analysis tools.

Unleash Networks would love to hear from you about your needs in the reporting area.




For more information about how Unsniff Network Analyzer can help with your particular usage scenario, contact us.
 

Content aware analysis

View network traffic as it appears at different layers:

  • View reconstructed "user objects" like HTML, voice conversations, and images
  • Automatically monitor whole TCP sessions
  • View reassembled PDUs, not just link layer packets
  • Statistics and conversations
  • Decrypt TLS if you possess the private key
  • Easily extensible

Two interfaces

A graphical interface that is designed for beginners. All fields are drawn as a protocol diagram with help tooltips. Just hover your mouse over any field to view a description of the field.

Protocol field bubble help

A scripting interface designed to automate analysis. You can write scripts in Ruby or VBScript and either run them standalone or attach them to menus.

Scripting in Ruby

Distributed analysis with Trisul

Unsniff 2.0 can connect securely to Trisul. This allows you to perform drill-down network analysis without having to haul large packet dumps across your network.

Trisul integration