IT Operations AnalyticsScalable Enterprise Packet Capture

Laying the Foundation for Enterprise Network Analytics

Corvil Capture ensures a complete and reliable packet capture, preventing loss even through sudden large and extended bursts of traffic (supporting up to 80Gbps line rate bursts for all packet size profiles).

It delivers fast, intuitive access to packet captures across all devices for use by multiple teams, for a variety of uses, including:

  • Performing forensic investigations
  • Resolving service, application, or network issues
  • Understanding digital user experiences
  • Complying with various regulations

Cost effective capture options support a wide range of sites, while laying the foundation for advanced analytics and business intelligence.



  • Improved capture accuracy and reliability
  • Cost effective global coverage with centralized management
  • Improved value realization across multiple teams
  • Increased productivity with streamlined packet export and stored data analysis
  • Future-proof foundation for a modular network monitoring and analytics strategy

Analysis offered by packet-based technology is packet-timing-based, allowing vendors to identify sources of delay, measure user response time and ultimately pinpoint the root cause of performance problems.

– Gartner

IT Central Station

Best Practices for Trade Infrastructure and Execution Analytics

Free Download

Get More Value for Your Investment

Better Data Quality Assurance

  • Continuously monitors completeness of captured data
  • Reports missing TCP data to identify upstream traffic drops
  • Detects overloaded SPAN sessions affecting timestamp accuracy

Higher User Productivity

  • Intuitive packet extraction interface
  • Efficient search, filter and export minimizes manual effort
  • Centralized management of update petabytes of capture storage
  • API for extraction automation

Easy, Modular Analytics Upgrades

  • Capture appliances serve as infrastructure foundation for analytics upgrades
  • Analytics upgrades can be applied to any capture appliance meeting capacity requirements
  • Analytics upgrades are modular and can be added in stages

Network Capture Analytics

TCP Metrics
TCP metrics calculated per flow including zero window size, resets, terminated flows, concurrent connections.

DPI Application Recognition
Automatically detect and report applications per flow using deep packet application signature engine.

Report the true bandwidth utilization of flows or groups of flows.

Top Conversations
Visualize top conversations based on any query.

Bandwidth Utilization
Show average packet rate and bitrate for any query.

Filter And Visualize
Query the packets by traffic subnets, ports, TOS bits, application and TCP flag and report all analytics.

Filter And Zoom
Apply traffic and quality filters, zoom down to any arbitrary time period for interactive visualizations.

Top Talkers/listeners
Apply filters, zoom to arbitrary time periods and immediately identify top talkers and listeners.

Problem Overview

You Can’t Analyze What You Don’t Capture

Many organizations, seeking more effective forensic investigations, more efficient service assurance, faster issue resolution, and more detailed audit trails for compliance, are looking to packet captures for answers.

While “packets don’t lie,” capturing them at scale, and providing ready access to several teams, each requiring a small subset of the global captures, is not easy.

Organizations unable to balance the cost of a global solution and requirements across teams will lack the foundational data acquisition and visibility needed to optimize and protect their digital enterprises.

Solution Overview

A Single Point Of Access For Filtering And Extraction Of Packets From Any Device Globally

The Corvil enterprise packet capture solution is a fully distributed architecture that scales linearly as the packet capture deployment grows. A single point of access is provided for the filtering and extraction of packets from any device globally. The platform offers deployment options ranging in storage from 3 TB’s to 100’s of TB’s of effective capture storage on a single device. This delivers a single packet data system containing potentially petabytes of packets that can be queried from a single interface. You have immediate access to global captures with a one click export to download pcap to your desktop; support for all leading network packet brokers port tagging and time-stamping capabilities and programmatic API for packet capture filtering and export.


  • Intuitive UI access to global packets using generally familiar query and filter syntax (ex: tshark, BPF)
  • Easy software upgrade path to full IT Operational Analytics
  • Streaming compression of all packets to maximize disk capacity and historical access to packets