Notice
This guide is for the original release of AQtive Guard. For the current AQG SaaS platform, go to the AQtive Guard User Guide.
Getting started with PCAP upload
The SandboxAQ Network Analyzer processes packet capture (PCAP) files to detect cryptographic objects within network captures.
Tip
The AQtive Guard Network Analyzer also includes the yanadump tool that can be deployed as a standalone and portable Linux binary to prepare live network traffic for analysis. Refer to Getting started with live network traffic monitoring for details.
Create a PCAP file
You can use your preferred network sniffer to produce a PCAP file. For instance, to create a PCAP file using tcpdump, run:
This tutorial provides more information on using tcpdump.
The Network Analyzer can also process packet capture data through integrations with popular network security and monitoring platforms. For available options, refer to Integrations & plugins.
Run an analysis using PCAP
Upload the PCAP or yanadump trace file to AQtive Guard to run an analysis and generate a report. For details on uploading to the AQtive Guard web interface, refer to Run an analysis.
Tip
To save bandwidth and shorten the upload time, use gzip to compress the trace file before uploading:
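The capture and compression steps above as one pre-upload routine. This is an added example, not SandboxAQ's own tooling: it checks that the file starts with a known capture magic number, compresses it with gzip, and confirms the archive decompresses back to the original bytes. The interface name `eth0`, the file name `capture.pcap`, and the function names are assumptions; the page does not state which capture variants (nanosecond pcap, pcapng) the Network Analyzer accepts.

```shell
#!/bin/sh
# Added example: validate a capture file and gzip it before upload.
# Capture step (needs root; interface and file name are assumptions):
#   sudo tcpdump -i eth0 -w capture.pcap

# Print the capture format implied by the first four bytes, or fail.
capture_format() {
    magic=$(od -An -tx1 -N4 "$1" | tr -d ' \n')
    case "$magic" in
        d4c3b2a1|a1b2c3d4) echo pcap ;;      # classic pcap, microsecond timestamps
        4d3cb2a1|a1b23c4d) echo pcap-ns ;;   # classic pcap, nanosecond timestamps
        0a0d0d0a)          echo pcapng ;;    # pcapng section header block
        *) return 1 ;;
    esac
}

# Compress FILE to FILE.gz (the original is kept) and print the archive path.
prepare_upload() {
    src=$1
    [ -s "$src" ] || { echo "empty or missing: $src" >&2; return 1; }
    fmt=$(capture_format "$src") || { echo "not a capture file: $src" >&2; return 1; }
    gzip -c -9 "$src" > "$src.gz" || { rm -f "$src.gz"; return 1; }
    # Round-trip check: the archive must decompress to the exact original bytes.
    if ! gzip -dc "$src.gz" | cmp -s - "$src"; then
        echo "archive verification failed: $src.gz" >&2
        rm -f "$src.gz"
        return 1
    fi
    echo "$fmt capture ready: $src.gz" >&2
    echo "$src.gz"
}

# Constructed sample input: a 24-byte little-endian pcap global header
# (version 2.4, snaplen 65535, linktype 1 = Ethernet) with no packets.
make_sample_pcap() {
    printf '\324\303\262\241\002\000\004\000\000\000\000\000\000\000\000\000\377\377\000\000\001\000\000\000' > "$1"
}
```

Run `prepare_upload capture.pcap` after the capture finishes and upload the path it prints.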