caplon decoding & network recording

High-performance network data recording from Germany

The scalable tracing engine is part of every caplon© appliance. In combination with specially programmed FPGA-based data acquisition cards from napatech®, it guarantees the complete and lossless acquisition of network data in high-speed networks. caplon© decoding & network recording captures the network packets to a TAP or span port of a switch - including deep packet analysis in real time. The analysis is therefore completely passive and non-reactive.

The caplon© trace engine was developed on the basis of a highly scalable architecture to ensure that network packets can be captured loss-free even at very high data rates. This opens up new possibilities for analysing services in the context of 5G and broadband streaming services. The correlation of parameters in the network streams is supported by the FPGA-based data acquisition card with nanosecond time stamps.

Tracing in distributed and complex environments

  • The caplon© system architecture supports the monitoring of spatially distributed and multi-site structures. Data capture systems with different levels of performance are used: edge boxes in the OT area, caplon© network probes with or without analysis options, caplon© aggregation systems and caplon© umbrella systems. The system architecture enables individual adaptation to customer requirements and cost optimisation.

  • In virtual environments, network traffic within and between virtualisation hosts is captured by caplon© virtual tracing appliances, which are installed on one or more VM hosts.

Efficient troubleshooting

  • Decoding of all common IP-based protocols in the ITC sector and important IP based protocols in the ICS and SCADA sectors
  • Decoding of proprietary protocols (on request)
  • Display of decoded network packets directly in the browser or in Wireshark via consistec Wireshark plugin
  • Detection and optionally removal of package duplicates
  • Annotating network packets with the information of the associated trace point
  • Download trace files in PCAP, PSML, and PDML formats.
  • Multi-user operation with up to 15 simultaneous users (floating licenses)

Network Recording – the flight recorder for the network

caplon© continuously writes the recorded network data to a ring buffer with a configurable fixed size. This allows network problems or security incidents to be analyzed retrospectively.

  • Storing of relevant data up to the peta-byte range with additional caplon© storage extensions
  • Solving sporadic problems
  • Forensic Analysis - Analyze Security Incidents Retrospectively
  • Compliance monitoring - make compliance requirements verifiable
  • Permanently storing critical data by creation of ring buffer snapshots if problems or anomalies are detected

Wireshark Integration

caplon© systems offer a far-reaching integration of Wireshark via a Wireshark plug-in module.

Live Tracing

  • in distributed structures: online analyzing pre-filtered traffic from different network segments in one trace file
  • with authorization profiles: Tracing with Wireshark with considerably reduced risk of data misuse by using corresponding authorization profiles
  • with online pseudonymized data: Tracing with Wireshark without insight into personal data or critical infrastructure data through online pseudonymized network data (module caplon© privacy protection)

Seamless integration, improved analysis capabilities, automation capability

caplon© systems have open interfaces and a standardized REST API, making them easy to interact with existing systems.

  • Integration into automated monitoring systems and test automation solutions and coupling with intrusion detection systems
  • Automated capturing, analysis and export of network data
  • Providing third party systems, e.g. SIEM-, IDS-systems with valuable information from network data
  • Interaction with active IT components (Cyber Defence Systems, Security Data Collection, Firewalls, …)

Legally compliant access to data

With regard to IT security, the EU-GDPR (Art. 5, para. 1f) requires that personal data be protected by appropriate technical and organisational measurements. This also includes protection against unlawful forms of processing and against accidental loss ("integrity and privacy").

caplon© systems effectively reduce the risk of data misuse with a fine-grained access and authorization system in combination with caplon© Privacy Protection technology.

  • Fine-grained adjustable access to the network data regarding network segments, layers and analysis depth per user or role.
  • Protection of personal data and critical information of the IT infrastructure by pseudonymisation of network data (module caplon© privacy protection)
  • Clear overview of the access rights stored in the system per user and role

Your cookie settings

Technically necessary (essential) cookies

Information on the individual cookies

  • Show more

    Technically necessary (essential) cookies

    Necessary cookies help to make a website usable by enabling basic functions such as page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

    Name fe_typo_user
    Purpose Secures anti-spam measures when using the contact form
    Expiration Session
    Type HTTP
    Name conCookieSettings
    Purpose Saves the consent to cookies
    Expiration 30 days
    Type HTTP
    Name mtm_consent_removed
    Purpose Used by Piwik Analytics Platform (matomo) to determine that the tracking has been contradicted
    Expiration 1 month
    Type HTTP
  • Show more


    Statistics cookies help website owners understand how visitors interact with websites by collecting and reporting information anonymously.

    Name matomo.php
    Purpose Records statistics about the user's visits to the website, such as the number of visits, average time spent on the website and which pages were read.
    Expiration Session
    Type HTTP
    Name _pk_id#
    Purpose Records statistics about user visits to the site, such as the number of visits, average time spent on the site and which pages were read.
    Expiration 1 year
    Type HTTP
    Name _pk_ses#
    Purpose Is used by the Piwik Analytics Platform (matomo) to track page requests of the visitor during the session.
    Expiration 1 day
    Type HTTP
    Name _pk_testcookie..undefined
    Purpose Is used by Piwik Analytics Platform (matomo) to check whether the browser used supports cookies.
    Expiration Session
    Type HTTP
    Name _pk_testcookie.#
    Purpose Is used by Piwik Analytics Platform (matomo) to check whether the browser used supports cookies.
    Expiration Session
    Type HTTP