Net.Shark is a FPGA based Tap with filtering capabilities, that connected in pass-through mode, is able to capure traffic at wire-speed. Packets are transmitted through two ports and traffic compliant with one of the filters is sent to Wireshark.
Features and Benefits
World first hand-held, battery and 100% autonomous TAP
Hardware (FPGA) performace
Breaks out FDX traffic into separate streams to be dropped
It may aggregates filtered traffic to one DROP port into a single output stream
Traffic Regeneration
Filters
Sixteen (16) simultaneous filters can be applied to the traffic.
Ethernet source and destination MAC addresses
Sselection of MAC address sets with masks
Ethertype value with selection mask,
VLAN-VID with selection mask,
VLAN-CoS value with selection mask
IP source, destination, and source-and-destination
IP address group: subset of addresses filtered by masks
Protocol encapsulated in the IP packet (TCP, UDP, Telnet, FTP, etc.)
DSCP field, single value and range
TCP/UDP port, single value and range
Agnostics filters defined by 16 bits masks and user defined offset
Lawful filter: 64 byte pattern match at any place in the frame payload.