4 min read
If you’re a Managed Service Provider or other IT outsourcing company, chances are you’ve had to use packet capture on many occasions to help customers solve network problems. With the right analysis tools, packet captures can be your go-to resource to help you get to the root of problems faster and make customer interactions easier.
For the Managed Service Provider, packet capture files are generally the quickest way to get to the root cause of a network, application, or security problem. Your teams probably already rely on capture files for VoIP analysis, VPN integrity, Wifi troubleshooting, and handling security threats.
The problem is that dealing packet captures is a traditionally esoteric area of knowledge, and made difficult by the tools used to handle them. Captures can be generated natively using a host of open source and operating system specific tools - both on computing systems and networking products. This means they can end up all over your managed system in different formats on different machines with no way to organize them.
What’s more, MSP end customers are using MSP services precisely so they don’t have to deal with the complexity of managing their own IT. When a problem occurs, asking customers to analyze the data themselves or email a capture to your support team is nonsensical enough to make it quickly not worth the effort. This is unfortunate, because using that capture data could be the quickest way to get to the route of the problem.
What are the specific use cases that MSPs face when using packet captures? How can CloudShark make sure you get the most out of them?
The most ideal case is that an MSP uses CloudShark as would any other Enterprise; using packet capture on their own or remote systems and pushing them to CloudShark for analysis.
In this scenario, MSP staff act as users of the CloudShark system. Users can be organized into groups and permissions are on a per-capture basis. Captures can be imported manually, pushed to an auto-import directory, or uploaded using the CloudShark API. Then they can be shared, organized, and annotated making things easier for all of your teams.
The advantage of web-based packet analysis and capture management is realized best when used to interact with other people and organizations, like your customers. In this case, customers who are familiar enough with how to do packet capture can perform captures on their local systems, and upload them to an MSP’s CloudShark server.
Alternatively, using simple scripts, or tools and devices that have integrated with CloudShark, capture can be initiated by MSP technicians on a customer’s network and uploaded to the MSP’s CloudShark server.
An MSP can even give user accounts to their customers to make organization, security, and collaboration easier.
If you are a vendor or system integrator that targets the MSP world, does your system include packet capture? This can take many forms, whether it’s capture on a system designed to work with network traffic (like a switch, Wifi AP, or firewall), or captures that are generated as part of event logs.
CloudShark’s API makes collecting these captures very simple, and makes it easy for vendors to incorporate exporting to CloudShark. There’s plenty of examples of this on our website, but our most prolific examples are Meraki or Aerohive networks, who have packet capture and CloudShark upload built into their cloud management systems. Users can initiate a packet capture on any Meraki or Aerohive device, like a wireless AP, and upload the capture to CloudShark, where it can be analyzed in a browser without installing software or downloading the file.
A last note about packet capture. Not only is it extremely useful to the manage service provider ecosystem, but it is probably already in use by your teams: and that can be a big security risk of captures aren’t treated like other important customer data. Captures literally contain everything: emails, credit card transactions, passwords, and more. CloudShark Enterprise serves as a way to make sure you have a handle on how packet captures are used in your organization.
Want articles like this delivered right to your inbox?
No spam, just good networking.