Packet Capture

High-capacity packet capture


Secure your network with confidence

As mobile devices and multimedia content consumption becomes more and more widespread, the volume of data traffic from mobile phones, tablets, PCs, and other smart devices is expected to continue increasing rapidly. Data centers must expand and strengthen their networks to handle this surge in traffic. Application processing and data storage are critical services, and securing a network’s functionality requires effective monitoring of the data flowing through it. Artiza Networks developed etherExtractor to make securing backbone networks more reliable and efficient through high-capacity, lossless packet capture.

The challenges of maintaining network quality and security
  • Ensuring subscribers’ promised bandwidth requires monitoring network quality
  • Creating a monitoring system that accurately gauges usage status in real time to prevent issues before they occur
  • If a problem does occur, minimizing the time required to pinpoint the cause and respond
  • Efficient and effective service management
The right packet capture tool overcomes all of these challenges
  • Fully captures 100% of packets from ever-increasing traffic loads and makes the capture data usable as fast as possible
  • Connects easily to other monitoring and anomaly detection systems
  • High reliability with excellent cost performance
  • Flexible enough to customize the system for individual use cases
  • Speedy support after installing the system
From functionality to usability,
the etherExtractor series evolves
to meet engineers’ needs.

Zero-loss data storage

The etherExtractor series uses high-endurance storage for the enterprise model that enhances reliability and durability with an optimized write method. To guarantee the etherExtractor can write 100% of capture data to storage, the product is rigorously tested through multiple long-duration testing regimens with combinations of short and jumbo packets, ensuring high performance even in the most challenging network environments.

Improve efficiency with support for
remote operation and easy compatibility with
security devices and network monitoring systems.

In addition to the streamlined GUI, the etherExtractor supports remote operation via a web API. Use log outputs from other monitoring systems to establish a flexible and efficient configuration and workflow.

New Arrival
A new standard for reliability and cost performance
Stability that lasts

The latest model of etherExtractor, eE-NEO is built on the knowledge gained from previous models’ extreme long-term operation in commercial network installations. Telecom carriers, data centers, and financial institutions demand stable, constant capture performance over extended periods of time, and the eE-NEO delivers.

IDS for industrial networks

eE-NEO is optimized for secure monitoring of mission-critical control networks. Customizing the parameters to an individual networks’ environment and traffic makes it possible to quickly and accurately identify network problems.

Compact 1U size

All the eE-NEO’s functionality and capture capabilities for interface speeds from 1GbE to 100GbE are condensed into a compact 1U device.

All-flash storage

NVMe-compatible SSDs are used for all capture storage and the OS, enabling dramatic improvements in reliability, speed, latency, and failure prediction compared to previous models.

Supports multiple users

Security enhancements allow user authentication and simultaneous operation by multiple users. Each user can operate each capture port from their own dedicated workspace.

5G fronthaul support

Capable of full capture in the highly time-sensitive 5G fronthaul environment (O-RAN), and supports time synchronization using PTPv2 (IEEE1588).

Detect "microbursts"

Microbursts are caused by highly concentrated traffic over a very short period. Accurately grasp the time, content, and frequency of traffic concentration, to optimize the investment of server resources.

Advanced GUI
Start capturing with just 3 clicks

After logging in from the browser:

1. Select a connection port

2. Select a port to capture

3. Start capturing

Capture screen

Based on the popular eE GUI, the capture operation screen has been reconfigured in an easy-to-use wide screen format. The settings screen has also been simplified with tabs for each usage scenario. The “capture profile” feature makes it easy to switch between environment settings.

Monitoring screen

Monitor the status of each component from a single screen.

Example uses:

  • Check the device for temperature abnormalities
  • Confirm link speed and link status of capture ports
  • View internal storage usage rate and operating status

Intrusion detection engine powered by


Customizable security rules

Specify parameters for customized security rules. This makes it possible to support dedicated control protocols used in factories.

Standard rules

Standard rules can be used as soon as the system is installed, including:

  • IP header / IP length errors
  • Specific protocol detection such as Telnet, SSH, ICMP, FTP, etc.
  • Port scan detection

What are the benefits for checking packet integrity on a control network?

During system maintenance, simply connect to the mirror port to accurately collect diagnostic data related to the control system. This method introduces no new load to the existing network, and eliminates the danger of unexpected malfunctions when adding new devices to the network.

Portable Type
Large storage capacity
Remote operation and trigger functions enable packet collection without requiring an engineer be on-site
Real-time monitoring, statistics, and microburst analysis functions to increase work efficiency
Multiple maintenance plans available
Portable 20G
Capture approximately 80 minutes at full-rate 20Gbps
Portable 2G / Portable 4G
Capture approximately 80 minutes at full rate
Portable 2G: Full-rate 2Gbps
Portable 4G: Full-rate 4Gbps
Equipped with replay function for actual traffic data

Even the best generators can’t come close to completely reproducing a network’s actual traffic. With etherExtractor, you can quickly reproduce any problems by replaying actual traffic captured directly from your network. This streamlines the process of conducting repeated evaluations to improve and protect your network.

Detect "microbursts"

Microbursts are caused by highly concentrated traffic over a very short period. In network use cases such as online trading and e-commerce, accurately grasp the time, content, and frequency of traffic concentration, to optimize the investment of server resources.

Model Portable 2G Portable 4G Portable 20G NEO Lite NEO Lite 20G
NEO Basic NEO Pro
Product image
Configuration Portable 1U
Number of ports 1GbE SFP × 4 ports 10GbE SFP × 2 ports
1GbE SFP × 4 ports
x 4 ports
10GbE x 4 ports
25GbE x 2 ports
40GbE x 2 ports (option)
100GbE x 2 ports (option)
100GbE x 2 ports
40GbE x 2 ports
* In development
Capture interface 10/100/1000 Base-T
1000 Base-SX/LX
10G Base-SR/LR
1000 Base-T/SX/LX
10G Base-SR/LR
25G Base-SR/LR
40G Base-SR4/LR4
100G Base-SR4/LR4
100G Base-SR4/LR4
40G Base-SR4/LR4
* In development
Capture performance 2Gbps 4Gbps 20Gbps 4Gbps 20Gbps 65Gbps 100Gbps
Effective storage capacity 1.4TB 2.9TB 11.5TB 5.0TB 60TB 70TB
RAID configuration RAID 0 RAID 5 RAID 10
OS Linux
Dimensions(W×H×D mm) 426×314×154 425x378x147 437x43x597
Weight (kg) About 8.8kg About 9kg About 13kg About 15kg
Cost reduction and flexibility with Wireshark*

The entire etherExtractor series outputs captured packet data as highly versatile PCAP files, allowing for full compatibility with Wireshark, a popular and free open-source software used for detailed network analysis. Utilizing open-source software reduces the initial installation cost, and solves the issue of high operational cost and performance instability found in some expensive capture products by eliminating the need for costly, continuous software updates. Wireshark, a favorite tool of network engineers in many industries, also provides operational flexibility even if network analysis is outsourced.

Wireshark* Overview
  • Analyze captured files
  • Packet filter function
  • Statistics function
  • TCP session stream recovery function

* Wireshark is a registered trademark of Wireshark Foundation, Inc.

 Contact Us


* What are you interested in?

* What type of solution are you interested in?

*For technical support requests, please use Artiza Networks' customer support portal, or use the customer support contact information provided in your product's user manuals.