The value of capturing and analyzing network traffic is well established. After all, the generic "sniffer" has been a fixture of networking since the days of "datascopes" on RS-232 connections. Wireless links introduce a number of complicating elements to this process, however -- Wi-Fi protocols are unique at Layer 2, and traffic over the air isn't serialized, as is the case with wire. Simultaneous, competing traffic is often the norm.
Packet-capture tools are no longer the first-line approach to troubleshooting, and many Wi-Fi assurance suites include a variety of capabilities that can resolve even vexing problems without resorting to protocol analysis. Nevertheless, there are times when an analysis of raw, real data is the only way to go, particularly when connection and authentication challenges are being diagnosed.
Wi-Fi packet-capture and analysis products come in a number of forms. Some vendors offer this capability as part of more elaborate analysis tool sets, while others are quite ad-hoc, focusing only on capture and analysis. In this Clear Choice Test, as part of our continuing series of wireless-LAN (WLAN) management-tool reviews, we tested the applicable packet-capture and analysis features of all the major Wi-Fi assurance tools including those from AirMagnet, Aruba Networks (the former Network Chemistry line), Motorola (the former AirDefense product family) and WildPackets.
We also tested ad-hoc products from Cace Technologies and TamoSoft. There are a number of other ad-hoc tools available, but they were not suitable for this test for a variety of reasons.
The good news is that four of the six products tested got perfect or near-perfect scores in our evaluation, showing a particularly high level of functions and maturity. Any of these would be suitable to resolve even difficult Wi-Fi connectivity challenges.
So, it is difficult to reduce this testing to a single obvious winner because the range of features across the products is so broad, to say nothing of the range of prices. There's a lot to be said in favor of a large, omnibus assurance package, such as AirMagnet's WiFi Analyzer or WildPackets' OmniPeek, both of which contain very robust and useful packet-capture and analysis functionality -- and a lot more.
If we had to pick one, however, it would be OmniPeek because it is undeniably simple, powerful and convenient. WiFi Analyzer finishes in a very close second. The choice really depends on the other assurance features required and on one's preference for a specific approach to the user interface.
Of the more focused products, CACE's AirPcap and TamoSoft's CommView for WiFi encompass an excellent combination of high function, ease of use and convenience in simple, low-cost packages. AirPcap gets the nod here, however, because of the hardware adapter included and the availability of the optional but very powerful and excellent Pilot reporting tool. Wireshark, which is the basis of AirPcap, is a popular open source packet analyzer, so one could in theory assemble a Wi-Fi packet-capture and analysis solution at no cost -- other than writing a little code and a bit of integration. CACE makes it so simple, however, that one can easily justify the very modest cost of its bundle.