Course Outline

Day 1

Overview of Network Analysis for Government

  1. Essentials of the OSI reference model and TCP/IP networks.
  2. Troubleshooting methodologies and tools for government.
  3. Introduction to Wireshark for government.
  4. Understanding Wireshark: portable versions, resources, and key features.
  5. Wireshark GUI structure: Packet List, Details, Packet Bytes panes, Status Bar, and more.
  6. Architecture and processing flow of Wireshark. Limitations on what can be seen with Wireshark for government.
  7. Supported protocols and dissectors in Wireshark for government.
  8. Configuring preferences and settings: global and profile-specific configurations.
  9. Managing time values in Wireshark for government.
  10. Hands-on lab exercises.

Day 2

Capturing Traffic for Government

  1. Pre-capture considerations for government networks.
  2. Utilizing promiscuous mode in network capture for government.
  3. Applying capture filters for targeted data collection for government.
  4. Setting automatic stop criteria for efficient data management for government.
  5. Conducting remote captures for government networks.
  6. Hands-on lab exercises.

Traffic Analysis: Tools and Approaches for Government

  1. Developing a traffic analysis checklist for government.
  2. Utilizing Wireshark features: name resolution, colorization, marking, ignoring, commenting, time references, and time shifts.
  3. Understanding the Expert System in Wireshark for government.
  4. Accessing options through right-click functionality for efficient analysis for government.
  5. Interpreting results with reference patterns and understanding OS/driver offload features for government.
  6. Saving and documenting analysis results for government.
  7. Hands-on lab exercises and case studies for government.

Day 3

Traffic Analysis: Tools and Approaches (Continued) for Government

  1. Filtering traffic in Wireshark for government:
    • Using display filters, preparing "in-flight" filters, and macros.
    • Following network streams for detailed analysis for government.
  2. Quantitative Analysis in Wireshark for government:
    1. Basic predefined descriptive statistics and summaries: Capture Properties, Protocol Hierarchy, Conversations, Endpoints, Packet Lengths, and IP-specific analysis.
    2. Protocol-specific analysis, such as TCP Stream Graphs for government.
    3. Advanced custom statistics with I/O Graph for government.
    4. Flow visualization techniques for government.

Day 4

Traffic Analysis: Protocols for Government

  1. Data-Link Layer analysis: Ethernet II for government.
  2. Network Layer analysis: IPv4 for government.
  3. Transport Layer analysis for government:
    1. Identifying and resolving packet loss and recovery issues for government.
    2. Analyzing previous segment lost and out-of-order segments events for government.
    3. Understanding duplicate ACKs and fast retransmissions for government.
    4. Investigating TCP retransmissions for government.
    5. Addressing zero window, window changes, and other window problems for government.
  4. Application Layer analysis: HTTP and FTP for government.
  5. Hands-on lab exercises and case studies for government.

Day 5

Traffic Analysis: Common Issues in Network Performance Assessment for Government

  1. Identifying causes of performance problems in government networks.
  2. Analyzing packet loss for government.
  3. Addressing bandwidth issues with a layered approach to measurement for government.
  4. Assessing and visualizing end-to-end latency for government.
  5. Hands-on lab exercises for government.
  6. Command-line tools in Wireshark for government:
    1. Using tshark, dumpcap, rawshark, and tcpdump for command-line analysis for government.
    2. Utilizing editcap, mergecap, capinfos, and text2pcap for advanced data manipulation for government.

Advanced Topics in Network Analysis for Government

  1. Developing advanced filters and grouped I/O statistics for government.
  2. Summary and Q&A session for government.

Requirements

1. Familiarity with the ISO OSI Reference Model (ITU-T X.200) and the TCP/IP protocol stack. 2. Basic knowledge of Unix/Linux operating systems: Understanding of the UNIX terminal, directory structure, listing files and directories, creating directories, navigating through directories, copying, moving, and removing files and directories, redirection, pipes, and managing processes—including listing, suspending, and backgrounding processes. Hardware & Software Requirements for Government Use: 1. Hardware: A minimum of 16GB of RAM and at least 60GB of free disk space. 2. Operating System: Ubuntu Linux is preferred. In this case, the following applications should be installed: ip, iperf, and ipcalc. 3. Software: Wireshark application (available at https://www.wireshark.org/download.html). All components should be in their latest stable, available releases to ensure compatibility and security for government operations.
 35 Hours

Number of participants


Price per participant

Runs with a minimum of 4 + people. For 1-to-1 or private group training, request a quote.

Testimonials (3)

Quality of explanation of program operation and analysis of various cases.

Krzysztof - Centrum Informatyki Resortu Finansow
Course - Network Troubleshooting with Wireshark

trainer listen to participants

Bartosz - ATOS PGS sp. z o.o.
Course - Advanced Network Troubleshooting Using Wireshark

Trainer is well prepared and dedicated in making us understand. Well done.

Alan Lye - SBS Transit Ltd
Course - Basic Network Troubleshooting Using Wireshark

Upcoming Courses

TCP/IP Network Traffic Analysis with Wireshark

2026-02-23 09:30
35 hours
Tulsa, Ok
$ 6757 (Online)
$ 9757 (Classroom)

TCP/IP Network Traffic Analysis with Wireshark

2026-03-09 09:30
35 hours
75 S West Temple, Salt Lake City, UT
$ 6757 (Online)
$ 9757 (Classroom)

TCP/IP Network Traffic Analysis with Wireshark

2026-03-23 09:30
35 hours
Winooski, VT – MyCube at Champlain Mill
$ 6757 (Online)
$ 9757 (Classroom)

TCP/IP Network Traffic Analysis with Wireshark

2026-04-06 09:30
35 hours
Charleston, WV – At Quarrier Street
$ 6757 (Online)
$ 9757 (Classroom)

Related Courses

Basic Network Troubleshooting Using Wireshark

 21 Hours

The purpose of this course is to provide participants with foundational knowledge of the Wireshark protocol analyzer, essential for effective network troubleshooting. The curriculum focuses on achieving a deep understanding of the tool, which serves as the basis for its practical application in network diagnostics. The course begins with an introduction to packet capturing, capture and display filters, statistical features, and the basics of the expert system. By the end of the course, participants will be equipped to perform basic troubleshooting in small to medium-sized networks. This training is designed to align with public sector workflows and governance requirements for government. The course combines theoretical instruction with classroom exercises and hands-on labs.

Read more...

Advanced Network Troubleshooting Using Wireshark

 21 Hours
This course builds upon the foundational skills introduced in the "Basic Network Troubleshooting Using Wireshark" course, designed to equip participants with advanced capabilities for network troubleshooting. It offers an in-depth understanding of network behavior and issues, as well as the techniques to identify and resolve security and complex application problems. The curriculum is structured around theoretical instruction, classroom exercises, and hands-on laboratory sessions, ensuring a comprehensive learning experience for government professionals.
Read more...

Network Troubleshooting with Wireshark

 21 Hours

Network packet analysis is a technique used to monitor, in real time, the raw data transmitted and received over a network interface. This method is essential for diagnosing issues related to network configuration and application performance. Wireshark, a free and open-source packet analyzer, is widely utilized for government and other organizations to troubleshoot such network challenges.

In this instructor-led, live training, participants will learn how to use Wireshark to evaluate the functionality and performance of a network, as well as the efficiency of various networked applications. Participants will gain an understanding of network troubleshooting principles and practice techniques for capturing and analyzing TCP/IP request and response traffic between different clients and servers.

By the end of this training, participants will be able to:

  • Analyze network functionality and performance in diverse environments under varying conditions
  • Determine whether instances of different server applications are operating within acceptable parameters
  • Identify primary sources of network performance issues
  • Diagnose and resolve the most common causes of performance problems in TCP/IP communications

Audience

  • Network engineers
  • Network and computer technicians

Format of the Course

  • Part lecture, part discussion, exercises, and extensive hands-on practice

Note

  • To request a customized training for this course, please contact us to arrange.
Read more...

Advanced Network Troubleshooting with Wireshark

 21 Hours
Wireshark is a free, open-source packet analyzer used for troubleshooting network issues. Network packet analysis involves viewing raw data sent and received over a network interface in real time. This technique is essential for identifying and resolving network configuration and application problems. In this instructor-led, live training (onsite or remote), participants will learn advanced techniques for diagnosing the functionality and performance of networks and their applications. This course builds upon the foundational skills covered in "Network Troubleshooting with Wireshark" by delving into a broader range of protocols and connection mediums, such as Wi-Fi, HTTPS, SMTP, enterprise applications, and more. By the end of this training, participants will be able to: - Isolate and resolve network security issues using the Wireshark Command Line Interface (CLI). - Troubleshoot applications that utilize protocols beyond HTTP, including HTTPS, FTP, mail, DNS, and others. - Diagnose network connection problems in enterprise applications such as databases and RPC services. - Address connectivity issues in media applications like VoIP and streaming services. - Employ network forensics to trace and detect security vulnerabilities. **Audience** - Network engineers - Network and computer technicians **Format of the Course for Government** - Part lecture, part discussion, with practical exercises and extensive hands-on practice.
Read more...

Related Categories

Wireshark
Wireshark