Although there are plenty of inexpensive and free packet capture and analysis tools on the market, WildPackets seems to maintain a market for its commercial equivalents. We've already seen some of their more general tools (AiroPeek for wireless networks and EtherPeek for Ethernet ones) - but the company has now decided to release an application-specific variant of the EtherPeek product. EtherPeek VX, as the new release is called, is aimed specifically at managers of voice-over-IP (VoIP) networks, and so it takes the underlying functionality familiar to EtherPeek users and sits a set of VoIP-specific analysis tools on top.
The VX version shares the general GUI structure and capture/examination functions of the main product. The main screen is split into a set of tabs that allow you to drill into data (either live, or loaded from a previously captured packet file) from whatever angle you wish - by packet, by node or by protocol. There's also a tab containing graphs (some basic predefined ones are supplied, or you can build your own) and another that provides "expert" analysis, where the application analyses the data and spots likely problems (slow responses, connection retries and the like) and draws your attention quickly to those items without you having to trawl through the data by eye.
Nothing new here, then - the novel bits are in the new tab that's appeared, labelled "VoIP", which provides the low-level IP telephony functions. Whereas the basic EtherPeek application will quite happily identify VoIP-related packets and decode them according to what the standards say, the VX version digs deeper and gives you a much more telephony-oriented view onto them. An obvious feature, for instance, is the ability to record and replay calls, which allows you to check on the voice reproduction quality, network latency and such like, as well as performing "what if" analysis by changing jitter buffer settings and listening to see what difference it made.
The VoIP tab is split into two sections: open calls and closed calls. Each section has a line per call, listing the fundamental parameters of the call (caller, recipient, call type, channels used, dropped packets and so on). Double-clicking on a specific call takes you to the call detail screen, which itself comprises two sections: the top deals with signalling sequences, while the bottom contains the actual media (the audio bit), which can be played back and fiddled with as described above. Drilling further into each of these screens gives yet more detail screens, split into pages to keep everything sane and comprehensible.
As you'd expect, the VoIP functionality is integrated with the EtherPeek core, and so where you double-click on something generic (i.e. something that doesn't need telephony-specific code in order to drill down) it throws you into the various other tab pages. So if you double-click on, say, a signalling packet flow, it'll take you into the "Packets" tab and allow you to dig into the packet sequence involved in that signalling event. It's all done very intuitively, though we found that once we'd hit the "hide packets not involved in this event" button it took a minute or two to figure out how to get back to an "all packets" view!
All in all, EtherPeek VX is a very clever idea. VoIP is probably a popular enough concept for a sensible-size market to exist, and the extra features it brings over and above traditional network analysis mean that the network manager not only gets the excellent functionality of the basic EtherPeek product, but has the bonus of being able to dig about in the voice-related packets in a much nicer way than would be possible with a generic packet analyser. The only problem we found when we were investigating the product was related to the GUI, not the actual functionality (the progress bar on the Audio page of the Channel Properties screen falls off the end of its little box) and so we don't have any real gripes with the product.
If you're a VoIP user, then assuming you're using standards-based implementations, this tool is the automatic choice - not least because you can use it as a general packet capture and analysis tool as well.