Sniffer Suite Has a Nose for Nets

SAN MATEO (03/06/2000) - Companies depend on their networks as much as they depend on the their telephones, and that dependence is increasing. Due to that heavy reliance, tough network problems pose huge hurdles for an enterprise.

Predicting the effects of increasing traffic on a network involves spending $50,000 or more on carrier-level software.

Network Associates Inc.'s Sniffer Portable Analysis Suite 3.5 helps solve these expensive and time-consuming problems by bundling Sniffer tools, winner of one of this year's InfoWorld Product of the Year awards, with two new components:

Compuware Corp.'s Comnet Predictor and Comnet Reporter.

Sniffer Technologies hit the ball out of the park when it bundled two valuable, now Sniffer-branded packages from Compuware into the Sniffer Portable Analysis Suite 3.5. The suite starts with the standard package of Sniffer Pro LAN 3.5, with the new Sniffer tools, Predictor 2.0 and Reporter 2.0, included on a second CD.

The Sniffer suite's utility extends to almost every level of a company.

Although packet decoding is included primarily for network administrators, managers will find Sniffer Predictor, in tandem with Sniffer Reporter, valuable for communicating network needs to higher management. The Sniffer products are famed for being powerful and for supplying a wide range of protocol decoding and analysis tools, and Predictor's capabilities are the suite's primary attraction.

I did not rate Sniffer Portable Analysis Suite 3.5 Excellent because it has limited support for notebook network hardware. To remedy this problem, most shops buying Sniffer for the first time will face the additional expense of installing supplemental network adapters. Another inconvenience is that you must install each of the three parts of the suite separately, rebooting after each install.

In some ways, Sniffer occupies its own place in the network analysis area. The highest end of the traffic analysis marketplace is securely occupied by Wandel & Goltermann's Domino line of hardware-based analyzers, and is suitable only if your discretionary budget runs into the millions. Conversely, there are a number of low-end Windows-and Macintosh-based tools, notably AG Group's EtherPeek for both platforms. A number of equipment vendors, such as 3Com and Cisco, are also jumping into this space as a natural outgrowth of their management tools, but their offerings usually require a sizeable portion of the infrastructure be provided by their respective vendor.

As my test system, I used a Dell Latitude LS laptop with Windows 98; with a 400-MHz CPU and 128MB of RAM, the lightweight Latitude was ideal for analyzing a Fast Ethernet environment.

Even before running the setup programs, I faced a dilemma. The documentation points out at length that the best results are only possible when using Sniffer's own network drivers, which support a limited range of hardware. Also, enhanced drivers are only available for the cards that Sniffer resells.

Although I was able to use the laptop's built-in 3Com 10/100 Ethernet hardware for basic operations, I found the limited hardware support mildly frustrating.

Once the setup was complete, I used Sniffer Pro to monitor my test network and collect data. Sniffer Reporter helped me organize and document that data, and I had Sniffer Predictor perform some "what-if" calculations based on the captured data from the test network.

As soon as I launched Sniffer Pro, it began to monitor my test Ethernet. I began a packet capture with a keystroke, and when I had enough data, Sniffer Predictor was just a click away. The elapsed time was one hour, but my effort took one minute.

When I opened Sniffer Predictor 2.0 to analyze my data, I was immediately impressed by its capability of identifying traffic bottlenecks and making recommendations for redesigning the network based on the data collected by Sniffer Pro. Predictor's diagrams also offered me a quick drill-down into the statistics behind the pretty pictures.

Although the bundled Predictor lacks the multisegment capabilities of Compuware's full-blown Comnet Predictor, it is still the suite's primary attraction. For any organization in an accelerated growth mode, Predictor's utility will justify the suite's expense in a matter of months. Sniffer Reporter 2.0 recognizes only 10/100 Ethernet and Token Ring topologies.

Some difficulties aside, Sniffer Pro LAN 3.5 is one of those rare packages that is incredibly powerful, but so simple to use that many people never even scratch the surface of its capabilities. Even if you don't use every feature, Sniffer Portable Analysis Suite's new traffic analysis and simulation application make it a must for any organization in an acquisition or growth mode. With an easy-to-use interface veiling a protocol analysis powerhouse, the Sniffer suite delivers valuable tools in a package that has a price that looks steep until you consider the cost of ignorance.

P.J. Connolly ( covers networking issues for the Test Center.


Sniffer Portable Analysis Suite 3.5

Business Case: Sniffer Portable Analysis Suite 3.5 helps companies increase their business capabilities via network growth and aids in network fixes. The bundle also costs much less than separately purchased components and offers unmatched value.

Technology Case: First-rate reporting and simulation tools make this suite a must-have for growing enterprises. In addition, expert managers and technicians will appreciate the powerful, yet easy-to-use, interface.


+ Wide range of protocol decodes, including SAP R/3 and VPN support+ Easy-to-understand, yet powerful, reporting and simulation tools+ Comparatively low cost and high valueCons:

- Supports limited range of network adapters- Lacks integrated installationCost: $25,000; requires PC card network adapter for full performancePlatform(s): Windows 95/98, Windows 2000, Windows NTSniffer Technologies; Santa Clara, Calif.; (800) 764-3337;

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about 3Com AustraliaComnetCompuwareSAP AustraliaSniffer TechnologiesTandem

Show Comments