Launched last month, Colasoft's Capsa network analyser is an enterprise-grade professional network analysis package that captures real-time network traffic and performs protocol analysis and decoding.

Colasoft is also touting the automatic diagnosis and troubleshooting features of its software.

The network packet analysis market is currently a crowded one, with systems ranging from free open source products like Wireshark, to high-end systems from better known vendors such as Network Instruments with its Observer package. Observer can also run on high-end hardware able to store and forensically analyse terabytes of captured network packet data.

Colasoft Capsa 6.9 is certified for Internet Explorer 5.5 but can use more recent versions of the browser. It will run on 32-bit systems including Windows 2000 Professional (SP4 minimum), XP Professional (SP2 minimum), Vista and Windows Server 2003.

Windows XP, Vista and WS 2003 64-bit systems are also supported, but not currently Windows Server 2008. Network support extends from 10/100Mbit/s systems to gigabit connectivity, and has microsecond timestamp capability.

Aside from some GUI reporting options being enhanced, new in this version is the ability to decode Cisco's Inter-Switch Link protocol, which keeps virtual LAN information consistent as traffic negotiates switches and routers. Support for the Fibre Channel over Ethernet protocol has also been included.

Before installing the product, users need to check how their networks are set up. A straight connection can be used if hubs are deployed, but port mirroring needs setting up with managed switches. If specific segments need to be looked at, firms may need to deploy a test access port.

We installed Capsa 6.9 Enterprise Edition on a variety of systems including hardware running Windows XP, Vista and Windows Server operating systems. We could attach to hubs and managed switches with port mirroring enabled, and also take a specific feed off a router through a test access port.

We could quickly capture and filter network traffic and use the diagnosis analyser to check different network layers. For instance, we could check for application layer problems like DNS server errors, and troubleshoot simple mail transport protocol problems.

The GUI is powerful and simple to negotiate, and a few clicks is all that's required to pull network traffic off just about any interface and perform quite detailed analysis.

In conclusion, Capsa is a comprehensive package for network analysis, but users requiring high-end features, like the ability to analyse 10 Gigabit Ethernet connections in real time, may need to look at more expensive systems with dedicated hardware.

We'll be taking a more detailed look at this package later.