Advanced IP Traffic Analytics for Faster Root-Cause Analysis
IP Analytics™ provides advanced session-level analytics for TCP/IP traffic, enabling faster troubleshooting, performance monitoring, and root-cause analysis. Supporting both real-time and offline traffic analysis, the solution delivers TCP/UDP conversation analytics, endpoint visibility, TCP performance monitoring, traffic visualization, and advanced filtering to quickly identify network, client, and server performance issues.
Request a Demo / Quote Brochure
Overview
Modern enterprises and telecom networks generate massive volumes of TCP/IP traffic, making rapid identification of network bottlenecks, abnormal communication behavior, latency issues, and application-performance degradation increasingly complex. Traditional packet-level inspection often requires significant manual effort and may delay troubleshooting and root-cause identification.
IP Analytics™ within PacketScan Web™ transforms captured packet traffic into actionable analytical insights through advanced session-level traffic analytics and interactive visualization. The solution organizes captured traffic into structured analytical views including MAC, IP, TCP, and UDP conversations and endpoints, enabling network teams to quickly analyze traffic behavior, throughput trends, retransmissions, latency variations, congestion conditions, and protocol activity.
IP Analytics™ can analyze traffic captured using GL applications such as PacketScan HD™, FastRecorder™ and PacketExtractor™, and PacketScan™, providing a unified platform for traffic analysis and troubleshooting.
Using multi-level visibility across endpoints, conversations, sessions, and protocol behavior, IP Analytics™ helps network teams determine whether performance issues originate from the network path, client endpoint, or server endpoint. Centralized dashboards, TCP statistics, advanced filtering, and graphical traffic visualization help reduce manual packet-level investigation effort while improving troubleshooting efficiency.
Why IP Analytics™?
- Helps accelerate root-cause identification across complex IP networks
- Advanced TCP session analytics with graphical performance visualization
- Supports both real-time and offline traffic analytics
- Multi-level visibility across endpoints, conversations, sessions, and protocols
- Helps reduce manual packet-level troubleshooting effort
- Helps detect retransmissions, packet loss, congestion conditions, RTT issues, and abnormal traffic behavior
- Centralized dashboards for enterprise, telecom, and data center traffic analytics
- Integrated filtering, TCP statistics, and traffic visualization within a unified analytics platform
Key Features
- Advanced session-level visibility into IP network traffic
- Real-time and offline packet traffic analytics
- MAC, IP, TCP, and UDP conversation analysis
- Endpoint traffic monitoring and communication analytics
- Interactive dashboards for traffic visualization and troubleshooting
- TCP performance analysis including RTT, retransmissions, congestion, resets, and packet loss
- Throughput trend visualization and TCP session analytics
- Session-based and expression-based filtering
- TCP statistical summaries and connection analytics
- Protocol hierarchy and packet size distribution analysis
- Interactive Bar, Line, and Pie chart visualization
- Packet-level drill-down analysis for detailed troubleshooting
- Generates detailed downloadable IP Analytics™ reports for traffic analysis, troubleshooting, and network performance validation
Supported Analytics
Conversation Analytics
- IP Conversation and IP Endpoint analysis
- TCP Conversation and TCP Endpoint analysis
- UDP Conversation and UDP Endpoint analysis
- Port-based traffic analytics
TCP Analytics
- TCP Statistics
- TCP Server Summary
- TCP Client Summary
- TCP Session Summary
- RTT Analysis
- Retransmission Analysis
- Congestion Analysis
Endpoint Analytics
- MAC Endpoint Analysis
- IP Endpoint Analysis
- TCP Endpoint Analysis
- UDP Endpoint Analysis
Traffic Visualization
- Packet Rate Analysis
- Data Rate Analysis
- Protocol Hierarchy
- Packet Size Distribution
- Interactive Traffic Graphs
Use Cases
- Application Traffic Monitoring
- Network Performance Optimization
- TCP Session Analysis
- Top Talker Identification
- Root-Cause Identification
- Protocol Usage Analysis
- Traffic Trend Monitoring
- Connection Health Monitoring
Applications
- Enterprise Network Troubleshooting - Identify degraded sessions, unstable connections, abnormal communication behavior, and application-related traffic issues across enterprise environments
- Data Center Traffic Analytics - Analyze traffic patterns, top talkers, throughput trends, and protocol distribution across data center networks
- TCP Performance Validation - Monitor RTT, retransmissions, congestion conditions, receiver-window behavior, and TCP efficiency across captured traffic
- Congestion Analysis - Detect congestion-related performance degradation and identify affected sessions, servers, and communication paths
- Packet-Level Troubleshooting - Drill down from session-level analytics to detailed packet inspection when advanced investigation is required
Frequently Asked Questions
- What is IP Analytics™?
- IP Analytics™ is an advanced IP traffic analytics and TCP performance monitoring solution within PacketScan Web™ that provides session-level visibility into network traffic for troubleshooting, performance analysis, and root-cause identification.
- Does IP Analytics™ support live and offline analysis?
- Yes. IP Analytics™ supports both real-time live traffic analytics using Ethernet capture interfaces and offline analysis using previously captured trace files.
- What types of traffic analytics are supported?
- The solution supports MAC, IP, TCP, and UDP conversation and endpoint analytics along with TCP statistics, protocol analysis, and traffic visualization.
- What TCP performance metrics can be analyzed?
- The platform provides visibility into RTT, retransmissions, packet loss, congestion conditions, duplicate ACKs, throughput behavior, TCP efficiency, and connection-related events.
- Can users perform session-level troubleshooting?
- Yes. IP Analytics™ provides detailed TCP session visibility including packet-level inspection, graphical TCP analysis, and session-behavior monitoring.
- Does IP Analytics™ support graphical traffic visualization?
- Yes. The platform supports Packet Rate, Data Rate, RTT, retransmission, congestion-window, and receiver-window graphical analysis, along with protocol hierarchy and packet-size distribution views for traffic visualization and analysis.
- Can users filter traffic using custom expressions?
- Yes. Expression-based filtering enables users to isolate traffic flows using IP addresses, ports, RTT values, packet counts, and TCP-related conditions.
- Can IP Analytics™ identify top bandwidth-consuming clients and servers?
- Yes. IP Analytics™ helps identify top clients, servers, and applications based on traffic volume, packet counts, and communication statistics.
- How does IP Analytics™ improve troubleshooting efficiency?
- The platform converts captured packet traffic into structured analytical views that help accelerate troubleshooting and root-cause analysis.
- How does IP Analytics™ help identify root-cause issues?
- The solution helps determine whether issues originate from the network, client, or server by analyzing TCP session behavior and endpoint communication patterns.
- Network Issues: High RTT, retransmissions, congestion-window reduction, and packet loss
- Server Issues: Receive-window limitations, delayed responses, and connection failures
- Client Issues: Session setup delays, slow acknowledgments, and limited transmit behavior
Dashboard
The IP Analytics™ Dashboard provides a centralized graphical and statistical view of captured IP traffic, enabling rapid analysis of traffic behavior, protocol distribution, throughput trends, and network-performance conditions.
The dashboard helps identify:
- High-bandwidth endpoints
- Congestion conditions
- Retransmissions
- Session failures
- Traffic anomalies
- Throughput degradation
Top Talkers
The Top Talkers view identifies high-bandwidth clients, servers, and applications generating maximum traffic within the network.
This helps users:
- Detect bandwidth-heavy endpoints
- Analyze traffic utilization
- Identify abnormal communication behavior
- Monitor application traffic contribution
Example: Identify servers or applications consuming excessive bandwidth within the network.
Connections
The Connections view provides visibility into TCP connection behavior including:
- Retransmissions
- Resets
- Failed connections
- Incomplete sessions
- Congestion-related events
This enables faster troubleshooting of unstable or degraded TCP sessions.
Performance
The Performance view displays TCP efficiency and RTT distribution statistics to help analyze:
- Latency behavior
- Throughput degradation
- Session-performance anomalies
Issues
The Issues view highlights:
- Packet loss
- Retransmissions
- Congestion conditions
- Server-side failures
- Abnormal communication behavior
This helps accelerate root-cause identification across the network.
Packet Rate and Data Rate
Packet Rate displays packet-processing activity over time for loaded traffic captures.
Data Rate displays throughput behavior and bandwidth utilization trends to help analyze traffic intensity and communication behavior.
Packet Rate Graph
Data Rate Graph
Protocol Hierarchy
Protocol Hierarchy displays traffic distribution across protocol layers including:
- Ethernet
- IP
- TCP
- UDP
- HTTP
- TLS
- DNS
This helps users understand protocol composition and bandwidth contribution across captured traffic.
Packet Size Distribution
Packet Size Distribution displays traffic distribution across different packet-size ranges to help analyze:
- Traffic composition
- Packet behavior
- Bandwidth utilization characteristics
Conversation Analysis
Conversation Analysis provides visibility into communication behavior between endpoints across the network.
Users can analyze:
- Packets and bytes
- Throughput behavior
- Session duration
- RTT variations
- Retransmissions
- TCP events
- Connection activity
This helps isolate whether performance issues originate from the client, server, or network path.
MAC Conversation Analysis
Provides visibility into Layer-2 communication activity between MAC addresses, including:
- Displays communication between source and destination MAC addresses within the local network
- Identifies frame counts and transmitted/received bytes between MAC devices
- Provides conversation details such as start time, end time, and conversation duration
IP Conversation Analysis
Provides visibility into Layer-3 communication activity between IP endpoints, including:
- Displays communication between source and destination IP addresses
- Identifies TCP and UDP conversations associated with each IP pair
- Provides traffic statistics including packets, bytes transferred, start time, end time, and conversation duration
TCP Conversation
Provides detailed visibility into TCP session behavior including:
- Throughput trends
- RTT variations
- Retransmissions
- Congestion behavior
- Acknowledgment analysis
- TCP control events
UDP Conversation
Provides visibility into UDP communication activity between source and destination endpoints, including:
- Displays UDP communication between source and destination IP addresses with associated port numbers
- Identifies UDP packet counts and data transferred for individual conversations
- Displays conversation details such as start time, end time, and conversation duration
Port Analysis
Displays TCP and UDP port statistics to help analyze:
- Protocol usage
- Application communication behavior
- Port-specific traffic activity
- Connection utilization
Endpoint Analysis
Endpoint Analysis provides visibility into network traffic associated with individual MAC addresses, IP addresses, and TCP/UDP endpoints.
The solution enables analysis of:
- Traffic direction
- Communication duration
- Packet and byte statistics
- Conversation counts
- TCP event behavior
MAC Endpoint Analysis
Displays Layer-2 traffic statistics associated with individual MAC addresses.
IP Endpoint Analysis
Displays Layer-3 traffic statistics associated with individual IP addresses.
TCP Endpoint Analysis
Displays TCP traffic statistics associated with IP address and port combinations.
UDP Endpoint Analysis
Displays UDP traffic statistics associated with IP address and port combinations.
Top Clients and Servers
Identifies clients, servers, and applications generating the highest traffic volume and communication activity across the network.
Detailed TCP Session View
Displays detailed frame-level visibility for selected TCP sessions including:
- Packet exchange behavior
- Session activity
- Sequence tracking
- Acknowledgment analysis
- Retransmissions
- Out-of-order packets
- Communication flow analysis
TCP Statistics
Provides a consolidated summary of TCP session behavior observed within captured traffic.
This includes:
- Connection statistics
- Retransmission activity
- Congestion behavior
- Reset events
- Server behavior
- Client behavior
RTT Analysis
Displays TCP Round Trip Time behavior to help identify:
- Latency variations
- Delayed responses
- Network responsiveness issues
Retransmission Analysis
Displays retransmission activity over time to help identify:
- Packet-loss conditions
- TCP reliability issues
- Unstable communication behavior
Congestion Analysis
Identifies TCP congestion conditions that may impact:
- Throughput performance
- Session stability
- Application responsiveness
- Communication efficiency
TCP Session Summary
Displays consolidated TCP communication statistics including:
- Packets
- Bytes
- Connections
- Sequence errors
- Reset events
- Congestion events
- Client IPs
- Server IPs
TCP Server Summary
Displays traffic statistics associated with server endpoints including:
- Traffic volume
- Congestion activity
- Reset behavior
- Session activity
TCP Client Summary
Displays traffic statistics associated with client endpoints including:
- Packet counts
- Byte counts
- Congestion behavior
- Sequence-related events
- Reset activity
Session Packet Filtering
Filters packets associated with selected TCP conversations for detailed packet-level inspection and troubleshooting.
Filter Session Packets
Filtered Results in Packet Analyzer
Expression-Based Filtering
Allows users to apply advanced filter expressions using:
- IP addresses
- Ports
- Packet counts
- TCP efficiency
- RTT values
- Logical operators
This helps isolate relevant sessions and communication flows for focused troubleshooting.
High RTT Filtering
Helps identify sessions affected by:
- Network latency
- Congestion conditions
- Communication delays
- Throughput degradation
TCP Packets Filtering
Allows users to isolate TCP conversations using performance-related filtering conditions such as RTT values and session behavior.
Filter TCP Packets
Example: Filter TCP conversations within specific RTT ranges (1–5 ms) for focused latency analysis.
Interactive Graphical Analysis
Provides time-based visualization of:
- Packet rate
- Byte rate
- RTT behavior
- Retransmissions
- Receiver-window behavior
- Congestion-window activity
Packet Rate and Byte Rate (Forward and Backward) Graphs
Receiver Window and Congestion Window (Forward and Backward) Graphs
Round Trip Time and Retransmissions (Forward and Backward) Grap
Bar Chart View
Provides visual comparison of traffic statistics across endpoints, sessions, and applications.
Line Chart View
Provides trend analysis of traffic behavior and network-performance activity over time.
Pie Chart View
Provides proportional visualization of protocol distribution and traffic contribution.
Reports and Analytics
IP Analytics™ provides comprehensive reporting capabilities for processed session statistics and network traffic analysis. The solution generates detailed downloadable reports that help engineers analyze network behavior, validate traffic performance, troubleshoot communication issues, and maintain operational records.
The reporting engine provides detailed visibility into:
- TCP conversations and endpoint statistics
- Client and server connection summaries
- Packet, byte, and payload statistics
- Session duration and TCP state information
- TCP efficiency and event-based analytics
In addition to detailed statistical summaries, IP Analytics™ reports include graphical worksheets with Bar, Line, and Pie chart visualizations for application traffic distribution, bandwidth utilization, and network performance analysis.
Generated reports simplify offline analysis and provide deeper traffic visibility for efficient troubleshooting and performance validation in complex IP and Ethernet network environments.
Sample Report
Bytes by Application – Bar Chart
Bytes by Application – Line Chart
Bytes Distribution by Application – Pie Chart
Resources
| Item | Description |
| PKV410 | IP Analytics™ |
| PKV100 | PacketScan™ IP Analyzer |
| Item | Related Hardware and Software |
|---|---|
| PKV120 | PacketScan™ HD – High Density IP Traffic Analyzer w/ 4x1GigE |
| PKV120p | PacketScan™ HD w/4 x 1GigE - Portable |
| PKV122 | PacketScan™ HD – High Density IP Traffic Analyzer w/ 2x10GigE |
| PKV122p | PacketScan™ HD w/2 x 10 GigE - Portable |
| PKV124 | PacketScan™ HD w/40/100 GigE |
| PKV124P | PacketScan™ HD w/40/100 GigE - Portable |
| PKV127 | PacketScan HD™ w/ 400 GigE |
| PKV128 | PacketScan HD™ w/ 400 GigE - Portable |
| PKV129 | PacketScan HD™ w/ 2-port, 400 GigE – Portable |
| PKV123 | PacketRecorder™ HD & PacketRePlay™ HD |
| Brochures |
| IP Analytics™ Brochure |
| Presentations |
| IP Analytics™ Presentation |