
Network Engineers Love Watching Paint Dry

Dan Greer compares a typical PCAP troubleshooting workflow with the ExtraHop platform, which enables you to get from metrics to packets in seconds.


The old slow way vs. the new fast way.

There was a time when people travelled by foot or in horse-drawn carriages. Then along came automobiles and aeroplanes, and suddenly an activity that previously took days or weeks could be completed in a fraction of the time.

That's what ExtraHop does for IT professionals looking for forensic packet evidence.

Ever since the introduction of tcpdump in 1987, packet captures (PCAPs) have been the most empirical method of determining what happened on the network. Law enforcement uses PCAPs to prosecute crimes, security analysts rely on PCAPs to deconstruct exploits, and network engineers parse PCAPs to determine the root cause of performance issues.

The problem: The old way of filtering PCAPs takes way too long!

In the video above, ExtraHop SE Manager Dan Greer demonstrates a typical PCAP troubleshooting workflow using Wireshark and then compares that to the process in ExtraHop. He uses a timer to show how much time you'll save with the new streamlined workflow.
