Upcoming Events

Cloud Connect
Santa Clara
Feb 13-16, 2012

Cloud Connect brings together the entire cloud eco-system to better understand the transformation we're experiencing and promises to be the defining event of the cloud computing industry. Learn about the latest cloud technologies and platforms from thought leaders in Cloud Connect’s comprehensive conference.

Register Now!

WinPharaoh 1.2 Pyramids Network Analysis

By Bruce Boardman The latest version of WinPharaoh, version 1.2, Azure Technologies' veteran protocol analyzer, sports a completely new design and an excellent Windows95 interface. Wizards and right mouse clicks, along with intelligent screen layouts, provide easy access to the less-than-intuitive features.

I tested a beta version at Network Computing's Syracuse University lab and noticed WinPharaoh's preformatted data display, improved expert system, and ability to decode data on the fly and to track traffic across multiple segments. Azure Technologies, a division of GN Nettest, seems to have all the answers.

No More Guessing On first glance, you'll know where the new interface's functions are and how to use them. Although this type of functionality is expected from Win95 programs, most pr otocol analyzers are ported from Windows 3.x or even DOS and maintain their earlier OS look and feel. WinPharaoh, in contrast, maximizes screen real estate by doing things like removing the scroll bars and maximizing the area for data display with-what else-a double mouse click.

In addition, WinPharaoh's data display for real-time and historical statistics is preformatted with tabs. Statistics are displayed as line, bar and skyline graphs, portraying utilization, top talkers, frame size, protocol and errors.

The Windows95 wizard takes the guesswork out of pre- and postcapture filter set up. In typical wizard fashion, every decision takes the novice user through a complex filter setup.

WinPharaoh's decoding offers the standard three-pane window for summary and detail. In addition, an expert window decodes intrapacket application error codes. The accuracy and depth of Azur e's decodes have always been a hallmark of its analyzers.

The expert system has improved by detecting duplicate IP addres ses and retransmissions. In addition, the threshold values are exposed and editable from within the analyzer's interface. However, though the expert system is broken into physical, protocol and application groupings, I couldn't determine what the specifics of each monitored grouped referred to. Detail for these errors is available only when the errors are detected and displayed. Although the detail is accurate, I would have liked some offline help to explain the errors so that I could set a threshold.

I tested WinPharaoh's ability to analyze WAN and LAN traffic from the same analyzer and same console user interface. I connected the box to the test T1s and the production frame relay WAN circuits. I had problems decoding channelized Point-to-Point Protocol (PPP) data, and I was disappointed that WinPharaoh did not autodetect the frame relay committed information rate (CIR) and channel usage. Azure assures me that the PPP problem will be fixed in the shipping version.

Real-Time Data Decoding da ta on the fly and simultaneously displaying it on the screen is one of WinPharaoh's claims to fame. Data flies by too fast to even come close to reading it, but it is still a useful display. As data runs by on the screen, it immediately gave me a feeling for the mix of traffic that was on the wire, thanks to the use of colors for protocols and stacks.

Another noteworthy tool is WinPharaoh's ability to track traffic across multiple segments. Not only can you trace traffic that originates on an Ethernet segment across a T1, and then back on to a LAN Token-Ring segment, but you can set filters that will view the source IP address.

Bruce Boardman can be reached at bboardman@nwc.com.