• Course
  • Vendor

Learn to use Wireshark to identify and fix your TCP/IP network performance problems.

  • Course Start Date: 2021-09-27
  • Time: 08:30:00 - 16:30:00
  • Duration: 5 days 08:30 AM - 04:30 PM
  • Location: Virtual
  • Delivery Method(s): Virtual Instructor Led

Course Outline

Pre-Requisites

Recommended: TCP/IP Networking Training Course

Lessons

COURSE OVERVIEW

Global Knowledge Training with Wireshark Experts

Whether you realize it or not, skills are the key limiter to your success. For over 20 years organizations large and small have trusted Global Knowledge to deliver sustainable, scalable, repeatable training with minimal disruption. With access to Wireshark's TCP/IP Network subject matter experts delivering authorized and industry-leading instruction through multiple delivery formats, Global Knowledge sets the stage for your success by reducing skill gaps.

Optimize TCP/IP networks with Wireshark®. This hands-on, in-depth course provides the skills to isolate and fix network performance issues. Learn how Wireshark can solve your TCP/IP network problems by improving your ability to analyze network traffic.

This course will enable you to:

  • Identify and analyze the most common causes of performance problems in TCP/IP communications.
  • Develop a thorough understanding of how to use Wireshark efficiently to spot the primary sources of network performance problems.
  • Prepare for the latest Wireshark Certified Network Analyst (WCNA) certification exam.

This course will prepare you to pass your WCNA certification exam with instructor-led training from a Wireshark subject matter expert. This course also includes official Wireshark study guides, and hands-on training with live labs.

Know before you go: Please bring your own laptop loaded with Wireshark to your first class. Download Wireshark for free at www.wireshark.org.

WHAT YOU'LL LEARN

  • Top 10 reasons for network performance complaints
  • Place the analyzer properly for traffic capture on a variety of network types
  • Capture packets on wired and wireless networks
  • Configure Wireshark for best performance and non-intrusive analysis
  • Navigate through, split, and work with large traffic files
  • Use time values to identify network performance problems
  • Create statistical charts and graphs to pinpoint performance issues
  • Filter out traffic for more efficient troubleshooting and analysis
  • Customize Wireshark coloring to focus on network problems faster
  • Use Wireshark's Expert System to understand various traffic problems
  • Use the TCP/IP Resolution Flowchart to identify possible communication faults
  • Analyze normal/abnormal Domain Name System (DNS) traffic
  • Analyze normal/abnormal Address Resolution Protocol (ARP) traffic
  • Analyze normal/abnormal Internet Protocol v4 (IPv4) traffic
  • Analyze normal/abnormal Internet Control Messaging Protocol (ICMP) traffic
  • Analyze normal/abnormal User Datagram Protocol (UDP) traffic
  • Analyze normal/abnormal Transmission Control Protocol (TCP) traffic
  • Analyze normal/abnormal Hypertext Transport Protocol (HTTP/HTTPS) traffic

Classroom Live Outline

1. Introduction to Network Analysis and Wireshark

  • TCP/IP Analysis Checklist
  • Top Causes of Performance Problems
  • Get the Latest Version of Wireshark
  • Capturing Traffic
  • Opening Trace Files
  • Processing Packets
  • The Qt Interface Overview
  • Using Linked Panes
  • The Icon Toolbar
  • Master the Intelligent Scrollbar
  • The Changing Status Bar
  • Right-Click Functionality
  • General Analyst Resources
  • Your First Task When You Leave Class

2. Learn Capture Methods and Use Capture Filters

  • Analyze Switched Networks
  • Walk-Through a Sample SPAN Configuration
  • Analyze Full-Duplex Links with a Network TAP
  • Analyze Wireless Networks
  • USB Capture
  • Initial Analyzing Placement
  • Remote Capture Techniques
  • Available Capture Interfaces
  • Save Directly to Disk
  • Capture File Configurations
  • Limit Your Capture with Capture Filters
  • Examine Key Capture Filters

3. Customize for Efficiency: Configure Your Global Preferences

  • First Step: Create a Troubleshooting Profile
  • Customize the User Interface
  • Add Custom Columns for the Packet List Pane
  • Set Your Global Capture Preferences
  • Define Name Resolution Preferences
  • Configure Individual Protocol Preferences

4. Navigate Quickly and Focus Faster with Coloring Techniques

  • Move Around Quickly: Navigation Techniques
  • Find a Packet Based on Various Characteristics
  • Build Permanent Coloring Rules
  • Identify a Coloring Source
  • Use the Intelligent Scrollbar with Custom Coloring Rules
  • Apply Temporary Coloring
  • Mark Packets of Interest

5. Spot Network and Application Issues with Time Values and Summaries

  • Examine the Delta Time (End-of-Packet to End-of-Packet)
  • Set a Time Reference
  • Compare Timestamp Values
  • Compare Timestamps of Filtered Traffic
  • Enable and Use TCP Conversation Timestamps
  • Compare TCP Conversation Timestamp Values
  • Determine the Initial Round Trip Time (iRTT)
  • Troubleshooting Example Using Time
  • Analyze Delay Types

6. Create and Interpret Basic Trace File Statistics

  • Examine Trace File Summary Information
  • View Active Protocols
  • Graph Throughput to Spot Performance Problems Quickly
  • Locate the Most Active Conversations and Endpoints
  • Other Conversation Options
  • Graph the Traffic Flows for a More Complete View
  • Burst Statistics
  • Numerous Other Statistics are Available
  • Quick Overview of VoIP Traffic Analysis
  • SIP and RTP Analysis Overview
  • SIP Call Setup
  • Analyzing Call Setup with SIP
  • Session Bandwidth and RTP Port Definition

7. Focus on Traffic Using Display Filters

  • Display Filters
  • Filter on Conversations/Endpoints
  • Build Filters Based on Packets
  • Display Filter Syntax
  • Use Comparison Operators and Advanced Filters
  • Filter on Text Strings
  • Build Filters Based on Expressions
  • Watch for Common Display Filter Mistakes
  • Share Your Display Filters

8. TCP/IP Communications and Resolutions Overview

  • TCP/IP Functionality
  • When Everything Goes Right
  • The Multi-Step Resolution Process
  • Resolution Helped Build the Packet
  • Where Faults Can Occur
  • Typical Causes of Slow Performance

9. Analyze DNS Traffic

  • DNS Overview
  • DNS Packet Structure
  • DNS Queries
  • Filter on DNS Traffic
  • Analyze Normal/Problem DNS Traffic

10. Analyze ARP Traffic

  • ARP Overview
  • ARP Packet Structure
  • Filter on ARP Traffic
  • Analyze Normal/Problem ARP Traffic

11. Analyze IPv4 Traffic

  • IPv4 Overview
  • IPv4 Packet Structure
  • Analyze Broadcast/Multicast Traffic
  • Filter on IPv4 Traffic
  • IP Protocol Preferences
  • Analyze Normal/Problem IP Traffic

12. Analyze ICMP Traffic

  • ICMP Overview
  • ICMP Packet Structure
  • Filter on ICMP Traffic
  • Analyze Normal/Problem ICMP Traffic

13. Analyze UDP Traffic

  • UDP Overview
  • Watch for Service Refusals
  • UDP Packet Structure
  • Filter on UDP Traffic
  • Follow UDP Streams to Reassemble Data
  • Analyze Normal/Problem UDP Traffic

14. Analyze TCP Protocol

  • TCP Overview
  • The TCP Connection Process
  • TCP Handshake Problem
  • Watch Service Refusals
  • TCP Packet Structure
  • The TCP Sequencing/Acknowledgment Process
  • Packet Loss Detection in Wireshark
  • Fast Recovery/Fast Retransmission Detection in Wireshark
  • Retransmission Detection in Wireshark
  • Out-of-Order Segment Detection in Wireshark
  • Selective Acknowledgement (SACK)
  • Window Scaling
  • Window Size Issue: Receive Buffer Problem
  • Window Size Issue: Unequal Window Size Beliefs
  • TCP Sliding Window Overview
  • Troubleshoot TCP Quickly with Expert Info
  • Filter on TCP Traffic and TCP Problems
  • Properly Set TCP Preferences
  • Follow TCP Streams to Reassemble Data 16. Examine Advanced Trace File Statistics
  • Build Advanced IO Graphs
  • Graph Round Trip Times
  • Graph TCP Throughput
  • Find Problems Using TCP Time-Sequence Graphs

15. Graph Traffic Characteristics

  • Advanced I/O Graphing
  • Graph Round Trip Times
  • Graph TCP Throughput
  • Find Problems Using TCP Time Sequence Graphs

16. Analyze HTTP Traffic

  • HTTP Overview
  • HTTP Packet Structure
  • Filter on HTTP Traffic
  • Reassembling HTTP Objects
  • HTTP Statistics
  • HTTP Response Time
  • Overview of HTTP/2
  • HTTP/2 Analysis Fundamentals
  • HTTP /2 Frame Format
  • Analyze Normal/Problem HTTP Traffic

17. Analyze TLS-Encrypted Traffic (HTTPS)

  • Analyze HTTPS Traffic
  • Encrypted Alerts
  • Decryption Steps
  • Filter on SSL

18. Review Your 10 Key Troubleshooting Steps

  • Baseline "NormalTraffic
  • Use Color
  • Look Who's Talking: Examine Conversations and Endpoints
  • Focus by Filtering
  • Create Basic IO Graphs
  • Examine Delta Time Values
  • Examine the Expert System
  • Follow the Streams
  • Graph Bandwidth Use, Round Trip Time, and TCP Time/Sequence Information
  • Watch Refusals and Redirections

LABS

Classroom Live Labs

Lab 1: Capture Traffic to/from Your Hardware Address

Lab 2: Create Your Troubleshooting Profile

Lab 3: Set Basic Preferences for Your Troubleshooting Profile

Lab 4: Find, Mark, Save, and Colorize Packets

Lab 5: Detect and Colorize High Latency Indications

Lab 6: Find the Top Talkers and Protocols/Applications on a Network

Lab 7: Create and Use an IO Graph to Spot Performance Issues

Lab 8: Locate a Text String in a Trace File

Lab 9: Create a Coloring Rule to Detect DNS Error Responses and Suspicious DNS Responses

Lab 10: Analyze a Network Problem Indicated by ARP

Lab 11: Filter on a Range of IPv4 Addresses

Lab 12: Detect Suspicious Traffic with a New ICMP Coloring Rule

Lab 13: Analyze UDP-Based Multicast Streams and Queuing Delays

Lab 14: Use an IO Graph to Locate TCP Performance Issues

Lab 15: Determine Who is at Fault and Work with Multiple Trace Files

Lab 16: Determine the Cause of Slow File Downloads

Lab 17: Use TCP Graphs to Detect the Cause of Performance Problems

Lab 18: Create a Filter Expression Button to Detect HTTP Error Responses

Lab 19: Export an HTTP Object

Lab 20: Decrypt HTTPS Communications

WHO SHOULD ATTEND

Anyone interested in learning to troubleshoot and optimize TCP/IP networks and analyze network traffic with Wireshark, especially network engineers, information technology specialists, security analysts, and those preparing for the Wireshark Certified Network Analyst exam.

Cancellation Policy

We require 16 calendar days notice to reschedule or cancel any registration. Failure to provide the required notification will result in 100% charge of the course. If a student does not attend a scheduled course without prior notification it will result in full forfeiture of the funds and no reschedule will be allowed. Within the required notification period, only student substitutions will be permitted. Reschedules are permitted at anytime with 16 or more calendar days notice. Enrollments must be rescheduled within six months of the cancel date or funds on account will be forfeited.

Training Location

Online Classroom
your office

your city, your province
your country   

About Global Knowledge

x

Global Knowledge is the world's leading learning services and professional development solutions provider. We deliver learning solutions to support customers as they adapt to key business transformations and technological advancements that drive the way that organizations around the world differentiate themselves and thrive. Our learning programs, whether designed for a global organization or an individual professional, help businesses close skills gaps and foster an environment of continuous talent development.

Training Provider Rating

This vendor has an overall average rating of 4.38 out of 5 based on 431 reviews.

I would never take another course that starts at 11AM and goes to 9PM again. The way the course was laid out really took away from ... Read more
x

I would never take another course that starts at 11AM and goes to 9PM again. The way the course was laid out really took away from the capturing of what was presented as it was 5-6 hours of watching a screen before getting to the actual labs. There has to be a better way to lay out this particular course. In my previous course, the lectures were broken up by labs which worked out fantastic and kept you engaged in the course. There were days when in order to actually complete the labs, would go over the 9PM day end time frame. Was able to get the primary labs done, but if you want to get all the content completed, you cannot complete it in the window of this course, you will need to come back on your own time.

No comment
No comment
Instructor was great
No comment
No comment
No comment
No comment
No comment
No comment
No comment
No comment
No comment
No comment
No comment
No comment
No comment
No comment
No comment
Wasn’t as advanced as I thought it would be. There was an issue when the day my course was the first time they used a new platfo ... Read more
x

Wasn’t as advanced as I thought it would be. There was an issue when the day my course was the first time they used a new platform.. from adobe to something called zoom; I had to call support line cause it stated our instructor wasn’t present. Thankfully I called cause everyone online was in the adobe virtual classroom waiting for what looked like a teacher who didn’t show up for class (IT didn’t get anything resolved until 10mins after start time). I felt like he was really getting hung up on very basic knowledge for the first half of the course (talking about how to create tabs and drag formulas as an example). I completed files a few times before he was done explaining. There was a scheduled fire drill for them (roughly 30mins)that also cut into our time, which wasn’t deducted from the hour lunch break or the two, fifteen min breaks. I also really wish he touched base more on the automating workbook functions portion which we barely did. I'm happy there were/are those study guides (learning videos) and exams to take on my own time that I hope after I've had the class are still available for me to learn from.

Course Reviews

No Reviews Yet