Skip to content

Network Analyzer🔗

The SandboxAQ Network Analyzer processes PCAP files to detect cryptographic objects within network captures.

Integrated into AQtive Guard, the Network Analyzer allows you to upload PCAP files and generate cryptographic inventory and status reports.

The Network Analyzer relies on the standard PCAP file format, which must be created externally before being used with AQtive Guard.

Download🔗

No additional download or installation is required.

Create a PCAP file🔗

You can use your preferred network sniffer to produce a PCAP file. For instance, to create a PCAP file using tcpdump, run:

tcpdump -w file.cap

This tutorial provides more information on using tcpdump.

Upload a PCAP file🔗

Uploading a PCAP file follows the same process as uploading an application trace or a host scan.

Refer to these instructions for uploading a trace:

Upload size limitations🔗

When uploading PCAP files, take into account the available memory on the analysis VM. For optimal performance, keep the file size within half of the server’s RAM. For instance, on a server with 16 GB of RAM, restrict uploads to files to no larger than 8 GBs.

Caution

Exceeding the prescribed file size limit for PCAP uploads may result in server instability. It is strongly recommended to stay within the designated file size limit to maintain server stability and application performance.

Generate a report🔗

Once you upload your PCAP file, you can generate a report by following these steps.