Course Summary

Optimize TCP/IP networks with Wireshark®. This hands-on, in-depth course provides the skills to isolate and fix network performance issues. Learn how Wireshark can solve your TCP/IP network problems by improving your ability to analyze network traffic. This course will enable you to:

• Identify and analyze the most common causes of performance problems in TCP/IP communications.
• Develop a thorough understanding of how to use Wireshark efficiently to spot the primary sources of network performance problems.
• Prepare for the latest Wireshark Certified Network Analyst (WCNA) certification exam.

Module 1. Introduction to Network Analysis and Wireshark
• TCP/IP Analysis Checklist
• Top Causes of Performance Problems
• Get the Latest Version of Wireshark
• Capturing Traffic
• Opening Trace Files
• Processing Packets
• The Qt Interface Overview
• Using Linked Panes
• The Icon Toolbar
• Master the Intelligent Scrollbar
• The Changing Status Bar
• Right-Click Functionality
• General Analyst Resources
• Your First Task When You Leave Class

Module 2. Learn Capture Methods and Use Capture Filters
• Analyze Switched Networks
• Walk-Through a Sample SPAN Configuration
• Analyze Full-Duplex Links with a Network TAP
• Analyze Wireless Networks
• USB Capture
• Initial Analyzing Placement
• Remote Capture Techniques
• Available Capture Interfaces
• Save Directly to Disk
• Capture File Configurations
• Limit Your Capture with Capture Filters
• Examine Key Capture Filters

Module 3. Customize for Efficiency: Configure Your Global Preferences
• First Step: Create a Troubleshooting Profile
• Customize the User Interface
• Add Custom Columns for the Packet List Pane
• Set Your Global Capture Preferences
• Define Name Resolution Preferences
• Configure Individual Protocol Preferences

Module 4. Navigate Quickly and Focus Faster with Coloring Techniques
• Move Around Quickly: Navigation Techniques
• Find a Packet Based on Various Characteristics
• Build Permanent Coloring Rules
• Identify a Coloring Source
• Use the Intelligent Scrollbar with Custom Coloring Rules
• Apply Temporary Coloring
• Mark Packets of Interest

Module 5. Spot Network and Application Issues with Time Values and Summaries
• Examine the Delta Time (End-of-Packet to End-of-Packet)
• Set a Time Reference
• Compare Timestamp Values
• Compare Timestamps of Filtered Traffic
• Enable and Use TCP Conversation Timestamps
• Compare TCP Conversation Timestamp Values
• Determine the Initial Round Trip Time (iRTT)
• Troubleshooting Example Using Time
• Analyze Delay Types

Module 6. Create and Interpret Basic Trace File Statistics
• Examine Trace File Summary Information
• View Active Protocols
• Graph Throughput to Spot Performance Problems Quickly
• Locate the Most Active Conversations and Endpoints
• Other Conversation Options
• Graph the Traffic Flows for a More Complete View
• Burst Statistics
• Numerous Other Statistics are Available
• Quick Overview of VoIP Traffic Analysis
• SIP and RTP Analysis Overview
• SIP Call Setup
• Analyzing Call Setup with SIP
• Session Bandwidth and RTP Port Definition

Module 7. Focus on Traffic Using Display Filters
• Display Filters
• Filter on Conversations/Endpoints
• Build Filters Based on Packets
• Display Filter Syntax
• Use Comparison Operators and Advanced Filters
• Filter on Text Strings
• Build Filters Based on Expressions
• Watch for Common Display Filter Mistakes
• Share Your Display Filters

Module 8. TCP/IP Communications and Resolutions Overview
• TCP/IP Functionality
• When Everything Goes Right
• The Multi-Step Resolution Process
• Resolution Helped Build the Packet
• Where Faults Can Occur
• Typical Causes of Slow Performance

Module 9. Analyze DNS Traffic
• DNS Overview
• DNS Packet Structure
• DNS Queries
• Filter on DNS Traffic
• Analyze Normal/Problem DNS Traffic

Module 10. Analyze ARP Traffic
• ARP Overview
• ARP Packet Structure
• Filter on ARP Traffic
• Analyze Normal/Problem ARP Traffic

Module 11. Analyze IPv4 Traffic
• IPv4 Overview
• IPv4 Packet Structure
• Analyze Broadcast/Multicast Traffic
• Filter on IPv4 Traffic
• IP Protocol Preferences
• Analyze Normal/Problem IP Traffic

Module 12. Analyze ICMP Traffic
• ICMP Overview
• ICMP Packet Structure
• Filter on ICMP Traffic
• Analyze Normal/Problem ICMP Traffic

Module 13. Analyze UDP Traffic
• UDP Overview
• Watch for Service Refusals
• UDP Packet Structure
• Filter on UDP Traffic
• Follow UDP Streams to Reassemble Data
• Analyze Normal/Problem UDP Traffic

Module 14. Analyze TCP Protocol
• TCP Overview
• The TCP Connection Process
• TCP Handshake Problem
• Watch Service Refusals
• TCP Packet Structure
• The TCP Sequencing/Acknowledgment Process
• Packet Loss Detection in Wireshark
• Fast Recovery/Fast Retransmission Detection in Wireshark
• Retransmission Detection in Wireshark
• Out-of-Order Segment Detection in Wireshark
• Selective Acknowledgement (SACK)
• Window Scaling
• Window Size Issue: Receive Buffer Problem
• Window Size Issue: Unequal Window Size Beliefs
• TCP Sliding Window Overview
• Troubleshoot TCP Quickly with Expert Info
• Filter on TCP Traffic and TCP Problems
• Properly Set TCP Preferences
• Follow TCP Streams to Reassemble Data
• Examine Advanced Trace File Statistics
• Build Advanced IO Graphs
• Graph Round Trip Times
• Graph TCP Throughput
• Find Problems Using TCP Time-Sequence Graphs

Module 15. Graph Traffic Characteristics
• Advanced I/O Graphing
• Graph Round Trip Times
• Graph TCP Throughput
• Find Problems Using TCP Time Sequence Graphs

Module 16. Analyze HTTP Traffic
• HTTP Overview
• HTTP Packet Structure
• Filter on HTTP Traffic
• Reassembling HTTP Objects
• HTTP Statistics
• HTTP Response Time
• Overview of HTTP/2
• HTTP/2 Analysis Fundamentals
• HTTP /2 Frame Format
• Analyze Normal/Problem HTTP Traffic

Module 17. Analyze TLS-Encrypted Traffic (HTTPS)
• Analyze HTTPS Traffic
• Encrypted Alerts
• Decryption Steps
• Filter on SSL

Module 18. Review Your 10 Key Troubleshooting Steps
• Baseline “NormalTraffic
• Use Color
• Look Who’s Talking: Examine Conversations and Endpoints
• Focus by Filtering
• Create Basic IO Graphs
• Examine Delta Time Values
• Examine the Expert System
• Follow the Streams
• Graph Bandwidth Use, Round Trip Time, and TCP Time/Sequence Information
• Watch Refusals and Redirections

Before attending this course, you should possess a good understanding of TCP/IP and associated protocols.

The WCNA Certification Exam is a closed-book Exam consisting of 100 questions. The Exam time limit is 2 hours (120 minutes).

Following your booking, a confirmation message will be sent to all participants, ensuring you're well-informed of your successful enrollment. Calendar placeholders will also be dispatched to assist you in scheduling your commitments around the course. Rest assured, all course materials and access to necessary labs or platforms will be provided no later than one week before the course begins, allowing you ample time to prepare and engage fully with the learning experience ahead.

Our comprehensive training package includes all the necessary materials and resources to facilitate a full learning experience. Enrollees will be provided with detailed course content, encompassing a wide array of topics to ensure a thorough understanding of the subject matter. Additionally, participants will receive a certificate of completion to recognize their dedication and hard work. It's important to note that while the course fee covers all training materials and experiences, the examination fee for certification is not included but can be purchased separately.

Questions About This Course?