A core requirement for the network team is to be able to provide fast access to packet captures on-demand. Compliance, Security and Operations functions all benefit from access to packet captures. Corvil Capture delivers exceptional drop-free capture rates, coupled with an intuitive UI for fast retrieval. The Corvil Capture UI offers a powerful responsive experience that requires no training or support, with familiar filters and syntax for finding and exporting packet captures, fast. Corvil Capture is built on top of the core packet-acquisition architecture of the Corvil platform, to give you continuous, reliable capture in the most demanding environments.
Corvil Capture provides high-rate capture to disk with accurate hardware timestamping. Leveraging Corvil’s core packet processing architecture, Corvil Capture offers reliable glitch-free capture with many additional capabilities.
Corvil Capture is available on a range of high-performance capture and storage appliances, with support for up to 40G traffic rates without drops.
Support for all network packet brokers (NPB) port tagging and time-stamping capabilities, including Apcon, Arista, Cisco, cPacket, Gigamon, Ixia, Netscout and VSS. Port-tagging support allows you to filter, deduplicate and export traffic arriving on different upstream NPB ports. Timestamping support allows you to make use of upstream timestamps to get precision even when there is congestion in your data collection path.
Absorb extended line-rate traffic bursts without drops, with up to 32GB of ingress buffering.
Support for sub-microsecond synchronization to external sources using Pulse Per Second (PPS) and Precision Time Protocol (PTPv2 / IEEE 1588).
All data is compressed before being written to disk, maximising the available capture history.
Corvil Capture continuously monitors the completeness and accuracy of the captured data. Missing TCP data is reported, as this is symptomatic of drops upstream of the Corvil appliance. Also, overloaded SPAN sessions are detected and reported, as these can affect the accuracy of packet timestamps.
Optionally deduplicate traffic either at the level of the entire frame, or at the level of IP packets. Where traffic is deliberately captured at multiple points, easily filter your exports by physical Corvil port, or by ‘virtual’ upstream network packet broker port.
For immediate access to captures, the Packet Capture Export screen provides a simple yet powerful interface. Select a time period, optionally choose physical ports and filtering, and press the export button to download pcap to your desktop. Filtering supports industry standard Berkeley Packet Filtering (BPF) and Wireshark™ syntax, for maximum productivity and ease of use.
Visibility and access to the packet capture details is possible through the Event Inspection interface which allows for drilling down into packets and time series views. Filtering and time period selection for export is also possible using the Packet Capture Export feature.
For power users, a command-line interface provides access to all export and filtering options, and also provides access to the industry-standard tshark utility, offering a wealth of analysis and visibility to assist in troubleshooting and targeted export. For example, use tshark to identify all HTTP traffic with TCP zero-window alerts and identify top-conversations before doing a filtered export.
Corvil Capture offers comprehensive API access to capture and analytics. Use the API to retrieve PCAP files, with support for all the filtering available at the GUI. Or retrieve a text file of packet headers, or retrieve a timeseries of microburst for all traffic to a particular host.
Corvil Center leverages Corvil’s distributed analytics to provide a unified view of all application and network performance over Data Center / LAN and Cloud Services / WAN infrastructure. It provides a single point of access to Corvil deployment for click-through root cause analysis and simplified configuration/administration of the appliances. Corvil Center offers a single point of configuration and maintenance including automated configuration management, remote upgrades, and a real-time view of the health status for all managed Corvil appliances.