Protocol Analyzers: Definition & Tools

Instructor: Erik Rodriguez

Erik has experience working in Cybersecurity and has a Master's of Science in Information Systems.

In this lesson, we will go over what protocol analyzers are and the role they play in managing networks. Additionally, we will review some of the popular protocol analyzers used by network administrators today.

Solving a Mystery

As you complete your work in your office, you notice your network begin to slow to a crawl. You suspect that a machine on your network is taking up too much of the network's resources. But how can you determine this for sure? Much like a police detective's wide range of tools used in investigations, network and cybersecurity administrators also have an array of tools that help them to defend their networks against hackers and other malicious activity. One of these tools is known as a protocol analyzer.

Protocol Analyzers Defined

A protocol analyzer is a type of tool that gives network administrators the ability to perform various network and security auditing activities. This includes, but is not limited to, capturing data packets as they traverse through the network in order to detect unusual activity, monitoring a network's bandwidth use, and detecting where a data packet was sent from and where in the network it was headed. Today, there are several different types of protocol analyzers that can be used as part of a network defense strategy.


Wireshark is perhaps one of the more popular protocol analyzers in use today. Wireshark is a free application that captures data packets on a network and displays its findings in a user-friendly graphical interface. This makes Wireshark a popular choice for students and those who wish to learn about protocol analyzers. Additionally, Wireshark offers the user the ability to view how encapsulation works. Encapsulation refers to the process of translating a data packet from one protocol to another. This is accomplished by encapsulating the original data packet with the necessary information for it to comply with the new protocol.

Microsoft Message Analyzer

Microsoft Message Analyzer is a Windows-based protocol analyzer. It works in very much the same way as Wireshark but is designed to only run on Windows-based machines. Additionally, Network Monitor has the added feature of giving users the ability to customize the graphical user interface. According to Microsoft, users have the ability to sort data in various logs and graphs to better suit their needs. This high level of customization makes Microsoft Message Analyzer a great choice for those who need to work with large amounts of data packets. More information about Microsoft Message Analyzer can be found at

To unlock this lesson you must be a Member.
Create your account

Register to view this lesson

Are you a student or a teacher?

Unlock Your Education

See for yourself why 30 million people use

Become a member and start learning now.
Become a Member  Back
What teachers are saying about
Try it risk-free for 30 days

Earning College Credit

Did you know… We have over 160 college courses that prepare you to earn credit by exam that is accepted by over 1,500 colleges and universities. You can test out of the first two years of college and save thousands off your degree. Anyone can earn credit-by-exam regardless of age or education level.

To learn more, visit our Earning Credit Page

Transferring credit to the school of your choice

Not sure what college you want to attend yet? has thousands of articles about every imaginable degree, area of study and career path that can help you find the school that's right for you.

Create an account to start this course today
Try it risk-free for 30 days!
Create An Account