CSI-HO-020-L – Advanced Packet Analysis with Wireshark- 2.5 Day

CellStream Logo trim plus TM 150x50   CellStream, Inc. – Telecom Consulting and Training!            2.5-Day Instructor Led Hands On Lab Class
Available in either Web Based delivery or On-Site Delivery
Minimum 10 students – Maximum 16 students

What Students are saying about this class

  • “Instructor has great depth on the topics and can present them in terms and uses examples that simplify.”
  • “The instructor ensures that the students understand the current topic before moving to the next.”
  • “The course material was well thought out, especially the labs.”
  • “Instructor has a lot of knowledge, and is able to transmit it without becoming boring. He knows very well how to keep the attention from the audience. You are one of the best online instructors I’ve had, good job!”

Course Description:

Once you have learned the fundamentals of the Wireshark® application and how to diagnose/troubleshoot packets on the network, it is not long before you need more advanced skills and knowledge. This advanced knowledge and understanding is provided in this course by observing and practicing advanced features of the application. Further, this course takes dives into key troubleshooting and protocol knowledge that will advance the student to a higher level of packet capture and analysis.

The course is a combination of Wireshark knowledge training, systems analysis, with hands-on exercises using the Wireshark™ application, backed by CellStream’s experience in networking over the last 25 years, revealing the details and capabilities in a swift, comprehensive, and understandable way.

  • “What is Ring Buffers and how can I use them?”
  • “What are the limitations of encryption in Wireshark?”
  • “What are the advanced display filter macros and filter buttons, and how can I use them?”
  • “How can I better use I/O and TCP graphing?”
  • “How can I troubleshoot network issues with Wireshark?”
  • “What are some of the details regarding how TCP works?”

Course Objectives:

The objectives of the course are:

  1. Elevate an existing knowledge level of Wireshark packet capture and analysis skills and knowledge.
  2. Learn advanced filtering and file operations of the WIreshark application
  3. Develop a deeper comprehension of how Wireshark can be used in network/protocolo analysis and monitoring
  4. Leverage advanced Wireshark methods and procedures to elevate tool usage and understanding
  5. Expand the students troubleshooting expertise on packet analysis and network dissection
  6. Further develop an understanding as to how TCP affects network performance


The target audience for this course is anyone in Internet Sales, Marketing, Engineering, Test, Customer Support, Technical Marketing, that requires a solid and complete understanding of the fundamental operations of Wireshark that can be applied to their job function.

Ideal candidates are:

  • Sales and Technical Marketing professionals that deal with the Internet
  • Operations individuals that will provide network configuration and support services
  • Network Design Engineers that need to understand Wireshark as a trouble analysis tool
  • Technical sales individuals that must be able to correlate features with functionality
  • Technical marketing individuals that want more than just a basic understanding of Wireshark
  • Network Administrators

Course Prerequisites:

This course is designed to appeal to anyone needing advanced skills and knowledge in using Wireshark. The ideal student will have some experience with Wireshark or have taken a fundamentals course.

All students must attend with a lap-top computer running Windows, MAC OSX, or Linux operating systems.

If the course is held at a classroom where computers are available, the Lap-top computer may not be required.

Class size is limited to 16 students.

Course Materials:

Students will be provided with a PDF Course Student Guide. Also, access to analysis captures will be provided via the Online School of Network Science.

Related Content:

This course should be preceded with either the Hands On TCP/IP Fundamentals, Hands On TCP/IP and Ethernet Fundamentals, or one of the IP Routing/Addressing 101 courses.

We offer a number of different Wireshark courses, with a focus on different use cases:

Course Outline:

  • Section 1: Course Introduction and Logistics
  • Section 2: Wireshark Power User Operations
    • Wireshark Custom Profiles
    • Wireshark Ring Buffers
    • Understanding Limits of Encryption (QUIC, HTTPS, IPSEC)
  • Section 3 : Advanced Capture Tools and Filtering
    • Physical Taps
    • Mirror Ports
    • Applying Capture Filters
  • Section 4: Advanced Display Filtering
    • Display Filter Buttons
    • Display Filter Macros
  • Section 5: Advanced Statistics and Graphing
    • I/O Graphing with Filters
    • TCP Graphing/Visualization
  • Section 6: Advanced Name Resolution – Using Ethers and Hosts files
  • Section 7: Wireshark Troubleshooting
    • Troubleshooting Preparation
    • Troubleshooting Tools
    • Troubleshooting Checklist
    • Drilling Down
  • Section 8: TCP Drilldown
    • Customization of Wireshark for TCP Protocol Analysis
    • TCP Conversation Completeness
    • TCP 3-Way Handshake
    • TCP Performance
    • TCP SACK
    • TCP Duplicate ACKs
    • TCP Issues
    • TCP Failures
    • The TCP Troubleshooting Workflow
  • Section 9: Course Summary and Conclusions

Course Availability:

Contact us for schedule dates and times.

View the course calendar and browse for our schedule.

Course Description, Content, Outline, and Instructional Design are Copyright ©CellStream, Inc.

Leave a Comment

Contact Us Here

Please verify.
Validation complete :)
Validation failed :(
Your contact request has been received. We usually respond within an hour, but please be patient. We will get back to you very soon.
Scroll to Top