Try it for Yourself - LANdecoder32 - Download a Fully Working 30 Day Trial NOW (c5MB File)

View the Data Sheet (c285K File)

Product Overview - LANdecoder32 Version 3.0

Since its inception in 1989, Triticom's strategy has been to provide the most functionality for the lowest cost in the software-based network analysis tool market. We are constantly improving our products through periodic upgrades that add more functions and greater utility. Triticom is proud to announce the Version 3.0 upgrade to our award winning LANdecoder32 network analysis product. The following new features have been added:

• Decoder - LANdecoder32's list of decodes has expanded to include PPP support and a host of its Control Protocols, such as, Ipv6, HTTP 1.1, and NetBIOS over IP. These new additions raise the number of supported decodes to over 120.
• Monitor - The monitor utility of LANdecoder32 has been enhanced in both functionality and user friendliness. The Sources/Destinations/Conversations windows now display other high-level protocols in addition to the previously supported MAC level. Also, Capture-to-File functionality is supported in V3.0. LANdecoder32 now supports NT 4.0 and Win9X PPP adapters via the NDIS driver.

Enabling Triticom's high-performance AccuCapture drivers to operate as Plug-and-Play devices enhances user friendliness. You merely install our PnP driver rather than the manufacturer-supplied NDIS driver for a particular adapter, and a PnP driver entry appears in the AccuCapture driver list within Monitor, enabling fast, easy installation.

With the features added in V3.0, the industry leading LANdecoder32 has raised the bar again in the software-based, network analysis tool market.

LANdecoder32 V3.0 is available now for shipment. Contact:sales@netunlim.com.

Triticom adds a new term to the LAN administrator’s vocabulary:

LANdecoder32 noun 1. a 32-bit protocol analyzer designed for Windows 95^TM and Windows NT^TM 4.0 containing capabilities to not only perform protocol analysis, but also to monitor traffic, 2. software that can operate on Ethernet (10 Mbps and 100 Mbps) and Token-Ring (4 Mbps and 16 Mbps) networks 3. technology that provides state-of-the-art on-line help with protocol examples verb 1. supports custom decodes and analyzes over 85 protocols that use either local network attachment or distributed RMON probe technology 2. provides expert analysis of your network, 3. traps user set exceptions and thresholds adj 1. the very best!

System requirements

• Microsoft Windows 95 or Windows NT Version 4.0
• Minimum of 16 MB of RAM
• 80486/133 Mhz
• One supported Ethernet adapter or a compatible NIC that supports a promiscuous NDIS driver
• Remote monitoring with RMON probes requires a Windows socket (Winsock) v1.1 installed on the LANdecoder32 PC along with TCP/IP connectivity to the RMON probe(s)

System recommendations

• 150 Mhz Pentium processor
• 32 MB of RAM
• Monitor resolution of 800 x 600 or higher

Topology Support

• 10 Mbps Ethernet
• 100 Mbps Ethernet
• 4 Mbps Token-Ring
• 16 Mbps Token-Ring

Monitoring interfaces

Local: Collect statistics and frames from the network that LANdecoder32 is attached to. There are two separate methods to perform local monitoring/analysis: Microsoft’s NDIS drivers and Triticom’s AccuCapture^TM Drivers. The NDIS drivers allows you to use the same adapter simultaneously for network monitoring operations while talking with file servers, other workgroup computers, and even remote RMON probes. For maximum performance and high-fidelity error and statistic reporting, we recommend installing a supported adapter which is dedicated to LANdecoder32 using the AccuCapture Driver. Triticom designed its direct-to-the-adapter AccuCapture Drivers with the sole purpose of streamlining and optimizing Ethernet network monitoring and frame capture under Windows 95/NT.

Remote: Collect statistics and frames from any industry standard RMON probes attached to the network. LANdecoder32 maintains communications with the RMON probe so that network statistics can be updated and viewed on your computer.

Please review the adapter interface tradeoffs for local and remote monitoring.

Protocol decodes with "expert analysis"

LANdecoder32's expert analysis tool organizes the frames in a trace file in various ways so you can study the network layer addressing, connection, or application layer data flow. This allows you to quickly get a feel for the activity on your network at the network layers and above. The expert analyzes the current "trace" file and displays it from a variety of perspectives: host, socket, connection, and application.

In addition, the expert analysis makes observations and points-out potential problems that can ordinarily be difficult to discover. The added delay from retransmissions or routing loops may not be noticeable to the end-user until they become extremely pronounced; even then sorting through a flat trace file and comparing sequence and acknowledgement numbers, or searching for network layer addresses can be quite tedious and time consuming.

The expert analysis can help characterize network usage, identify operations that are network sensitive, and point out inefficiencies. With this information, the network administrator can make educated performance improvements.

Common types of errors for four protocol types are included in the expert analysis

• IP addressing problems
• TCP connection problems
• IPX addressing problems
• NCP transaction problems

Using expert analysis, LANdecoder32 can quickly sift through literally thousands of captured frames and alert you to potential problems on your network!

Custom Decode Support

A development kit is now provided to allow the LANdecoder32 user with a means for adding custom protocol decodes to the LANdecoder32 "decoder" application. This is accomplished by developing a supplementary, or add-on, dynamically-linked library (the USRDCODE DLL) that is loaded by the LANdecoder32 executable at run-time.

The SDK includes a framework, written in C++, that provides classes which encapsulate the core API, simplifying the process of adding decodes. Examples, including all source code and project files are included for both the Borland C++ v5.01 and Visual C++ v4.2 development environments.

Decode Display Modes

• Protocol Summary, this window contains a one-line per frame summary of each packet.
• Protocol Details, this window augments the Summary window by providing a detailed seven-layouter protocol decode of a frame along with associated hexadecimal and ASCII values.
• Decode displays are color-coded to clearly show each layer of the OSI model being presented. The color assigned to each OSI layer is user selectable, as is the font used by the program. Color printing of the decode displays is also supported.
• LANdecoder32 can present a graph of the protocols present in the summary window. This includes the percentage and total count of frames containing each type of protocol.

Filter Options

• Frame content filters are enabled in LANdecoder32 for specifying frames to capture or to further refine the contents of the summary window - two types of content filters are available; station and pattern filters.
  • Station filters are used to designate stations that should be included in the capture or summary window. The filter may specify a single station or a conversation between two stations.
  • Patterns of up to 32 bits which must be present at a certain offset in a frame can be specified. If the bit pattern matches, the frame will be stored in the RMON probe's capture buffer or in the current summary window. Desired patterns are specified by a filter template identifying the offset of a field in the frame relative to the end of the selected frame type header. A user-extensible list of over 200 predefined values are provided for filtering.
• Protocol filters allow frames to be filtered in the summary window by protocol types.
• Hex filters allow frames to be filtered in the summary window by a specified string of hexadecimal data. This string can be searched for at any location within the frame or at a specific offset into the frame.
• ASCII filters allow frames to be filtered in the summary window by a specified string of ASCII data. This string can be searched for at any location within the frame or at a specific offset into the frame.

Traffic monitoring

LANdecoder32 features sophisticated traffic monitoring functions on top of the excellent protocol decodes. A robust set of reports can be generated at user-specified time intervals and exported and studied in popular spreadsheet applications.

Several real-time displays, graphs, and network alarms can be configured by the user:

Remote Monitoring Protocol Distribution Display

When monitoring locally (using an AccuCapture or NDIS driver), the protocol list is generated by LANdecoder32 and is based upon the protocols which are decoded by the LANdecoder32. Monitoring the protocol distribution remotely requires an RMON2 compliant (RFC 2021) probe. When gathering protocol distribution information from an RMON2 probe, the probe determines the protocol layer descriptions - LANdecoder32 simply downloads these strings from the probe.

Flexible Name Management

Station names are used to associate an easily recognized name with a MAC address. Supported file formats include LANdecoder32 generated .NET files, .LAN files (from Triticom's Vision or LANdecoder products) and .CSV files (Comma Separated Value).

File Compatibility

LANdecoder32 can load, convert, and save the following trace file formats: LANdecoder32, Triticom's LANdecoder,^TM Network General's Sniffer,^TM and Novell's LANalyzer.^TM

Detailed on-line help

LANdecoder32’s on-line help system sets the standard for state-of-the-art protocol analyzer help systems. Each decoded protocol has available (by simply pressing F1) an explanation of the protocol, an example of the protocol decode, and a detailed explanation of the protocol fields and their allowable values.

Designed for Windows 95/NT

Triticom has chosen the advanced Windows operating systems from Microsoft as its network management platform. The reason for this choice is simple economics. Instead of the high cost management platforms promoted by competitors such as HP and IBM, Windows 95/NT is readily available and convenient to use. This means managing your network does not require that you first learn a "platform" and then learn to operate your management system or protocol analyzer. Further, in many cases using our competitors products-- such as OpenView, NetView, or SystemView-- your total solution cost is dominated by the platform cost rather than the management application cost.