Kamal Kumar Verma - PeerSpot reviewer
Lead Consultant at Genpact - Headstrong
MSP
Top 10
A highly stable and helpful product that enables users to understand network traffic at a granular level
Pros and Cons
  • "Wireshark helps us to understand network traffic."
  • "The product has been using the same GUI for many years."

What is our primary use case?

There were many use cases of Wireshark. When I was working in Genpact, we were handling more than 850 projects. Wireshark was a great help when we could not open any website or URL given by customers because it was getting blocked.

What is most valuable?

Wireshark plays a very important part in resolving day-to-day KRAs. Wireshark is a helpful tool for anyone working with a firewall or proxy. When we put up a scan for a particular destination, the product shows the sync at a very granular level. It shows whether the packet has been received or acknowledged by the end server or not. One of the best things about the product is that we can use it to track whether an issue occurred due to the website. Sometimes, the acknowledgment does not happen, and the end server does not accept the request. We get a granular bifurcation of the logs to see at what step it is dropping the connection. Wireshark helps us to understand network traffic.

What needs improvement?

The product has been using the same GUI for many years. The product must make its GUI more interactive and user-friendly. Any IT person working on the product would understand the information displayed on the product, but the GUI is not that familiar.

For how long have I used the solution?

I was using the solution on a day-to-day basis until October 2022. I have used it for more than six years. In my current organization, the product is used very little.

Buyer's Guide
Wireshark
July 2025
Learn what your peers think about Wireshark. Get advice and tips from experienced pros sharing their opinions. Updated: July 2025.
863,679 professionals have used our research since 2012.

What do I think about the stability of the solution?

The product is very, very stable. It can pass large amounts of logs. I have used the solution for three to four days continuously. It does not hang while reading the logs or giving the output.

What do I think about the scalability of the solution?

The solution is scalable. I was the solution architect at Genpact. Only the L3 employees who were reporting to me had access to Wireshark. A few L3 employees from the firewall team also had access to the tool. Approximately 13 to 14 people were using the product in my organization based on the approvals they received.

Which solution did I use previously and why did I switch?

We used the product because it is the first tool used by everyone in security or networks during their initial stages. Everyone knows about Wireshark, its uses, and how simple it is for IT personnel to use it. It is easy to download, easy to configure, easy to look up, and easy to do anything. We don't have to rely on someone else to teach us how the product works.

How was the initial setup?

The initial setup is very easy. Wireshark is a restricted tool. We cannot simply install it on our machine in a large organization. It is one of the highly restricted tools which we use. Getting approvals in large organizations is a challenging task. Even if the organization approves the installation of the tool, they will approve it for only three to six months. We have to renew the approvals every six months to keep the tool installed on our machines. It was challenging because it's a sniffing tool. It is a blacklisted tool in every organization.

What's my experience with pricing, setup cost, and licensing?

It is an open-source solution. The product is 100% free. Wireshark has launched some paid features which we never tried. Usually, the features we require are available in the open-source version. We completely depended on the free tool. It gave us perfect outputs.

What other advice do I have?

We get all details about the product on the Internet. People with at least two to three years of experience in IT know Wireshark and its uses. It is not difficult for them to understand the tool. I would recommend the product to anyone who comes to me with any network or Internet issues where they cannot access a certain website or application. On an application level, the solution works fantastically. Though we can get logs for the website, it is not easy to track applications. It's one of the best tools in the market, which can help us resolve issues at the application, user, and end server levels. Overall, I rate the product ten out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.

PeerSpot user
AdeelAgha - PeerSpot reviewer
Team Lead - Cyber Security & Compliance at Al Tuwairqi Group
Real User
Easy to deploy, user-friendly, and stable
Pros and Cons
  • "Wireshark is very user-friendly; even someone with basic IT knowledge can use it."
  • "Wireshark is restricted when any sort of encryption is involved, such as XSL encryption or DLX."

What is our primary use case?

The primary purpose of Wireshark is to monitor network communications. For example, if we need to track our target in order to exploit it, or to understand our use cases, we can use Wireshark for both internal and external penetration testing. We can use Wireshark to capture communication from any IP, and if there is no encryption, we can also use it to retrieve client passwords. This is the main function of the solution.

What is most valuable?

Wireshark is very user-friendly; even someone with basic IT knowledge can use it. Wireshark has a large user interface and a good graphical user interface. Wireshark has all the features needed, such as sniffing the network, tracking packets, and sorting packets.

What needs improvement?

Previously, I have used Wireshark in some of the financial companies I have been involved with. For example, when I was employed at a bank, we used Wireshark. However, I have noticed that Wireshark is restricted when any sort of encryption is involved, such as XSL encryption or DLX. This means that Wireshark cannot be used to its full potential. Therefore, I think that Wireshark or the vendors should consider including features to penetrate firewalls and get the data, such as including any hash types.

I would like the ability to sniff user credentials, such as passwords, rather than clear text. Wireshark should be able to sniff basic encryption, such as 128 and 64-bit encryption, as other solutions do.

For how long have I used the solution?

I have been using the solution for over ten years.

What do I think about the stability of the solution?

Wireshark is a stable solution.

How are customer service and support?

I rarely need to contact technical support, as most issues can be resolved by looking at the Wireshark questions or FAQs. We can usually find solutions quickly.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup is very easy. We can send an executable file, we can just run the solution. Wireshark can be installed on a standalone workstation or if we want to create a server, we can also do that. The deployment takes around 30 minutes.

What other advice do I have?

I give the solution a nine out of ten.

There is a purpose for using Wireshark. If we don't know the purpose or our agenda, then why are we using it? The solution would be useless for us in this case. If we are following an example and are a SOC person, we just need to sniff the communication and confirm that it is stable. However, if we are general IT people and do not know the purpose, then Wireshark would be useless.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.

Venkat Lkmula - PeerSpot reviewer
Tech specialist at INT tech services
Real User
Easy to use, reliable, fast learning environment
Pros and Cons
  • "I have found the most valuable feature is that you can design your sniffer the way you want to."
  • "In the future, it would be nice to see color coding. It is just black and white."

What is our primary use case?

Our primary use case of this solution is for wired or wireless sniffing.

What is most valuable?

I have found the most valuable feature is that you can design your sniffer the way you want to. As I said, by default it will have all the legacy or advanced features. Apart from that, if you have a particular feature enabled in your device, you can modify it by changing the source code. It provides you with the source code. It is open source, so you can get the source code; you just need to create a plugin or API, point it to that source, and compile it.

What needs improvement?

In the future, it would be nice to see color coding. It is just black and white. 

For how long have I used the solution?

I have been using Wireshark for the past fifteen years.

What do I think about the stability of the solution?

The stability is excellent and reflected in the automation integration.

How are customer service and support?

If you are a good programmer everything is available online. There is a community-based option to ask questions and you will get answers.

How was the initial setup?

The initial setup is straightforward. You type in Google or Bing Wireshark download. Then you will be taken to the Wireshark webpage and there is a tab called download. Download the latest stable version that is available. It is an EXE file or an MSF file.

What other advice do I have?

For the initial stages, I prefer Wireshark but after six months to a year, I like to use OmniPeek. Wireshark is very easy to use and I would rate it an eight out of ten.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.

Lead Engineer at NXP Semiconductors
Real User
Scalable, stable, doesn't require installation, and allows you to capture packets at any time
Pros and Cons
  • "What's best about Wireshark is that it doesn't require installation. It supports cards and monitoring permissions and is sufficient for appending and capturing activities. You won't need to install other tools to use Wireshark, so this saves you time. You can capture packets at any time from your laptop through Wireshark."
  • "Wireshark is similar to an OS defense tool, meaning that it runs on an OS such as Ubuntu and Fedora, but I'm unsure if it's compatible with Windows or if it's a straightforward process to run it on Windows. Right now, my team needs to run Wireshark from a dongle to use it, so it's an OS-dependent tool, and that's an area for improvement. I was unable to use Wireshark on Windows, and I couldn't capture it, as I'm unsure how to configure the wireless card into monitoring mode on Windows. The process was straightforward on Linux, but it wasn't the case on Windows OS. It seems Wireshark isn't compatible with all OS. For example, you can analyze the log, and you can analyze it on the Windows server, but you can't do a capture in Windows. Configuring Wireshark for Windows isn't as easy as configuring it for Linux."

What is our primary use case?

We're using an internal Wi-Fi card in the laptop, so we configure that particular wireless interface into monitoring mode, configure the channel, and use Wireshark for that specific interface. We can capture the packets and activities on that channel, analyze the packets for poor connections, etc.

What is most valuable?

What's best about Wireshark is that it doesn't require installation. It supports cards and monitoring permissions and is sufficient for appending and capturing activities. You won't need to install other tools to use Wireshark, so this saves you time. You can capture packets at any time from your laptop through Wireshark.

What needs improvement?

Wireshark is similar to an OS defense tool, meaning that it runs on an OS such as Ubuntu and Fedora, but I'm unsure if it's compatible with Windows or if it's a straightforward process to run it on Windows. Right now, my team needs to run Wireshark from a dongle to use it, so it's an OS-dependent tool, and that's an area for improvement.

I was unable to use Wireshark on Windows, and I couldn't capture it, as I'm unsure how to configure the wireless card into monitoring mode on Windows. The process was straightforward on Linux, but it wasn't the case on Windows OS. It seems Wireshark isn't compatible with all OS. For example, you can analyze the log, and you can analyze it on the Windows server, but you can't do a capture in Windows. Configuring Wireshark for Windows isn't as easy as configuring it for Linux.

What I'd like to see in the next release of Wireshark is the capability to capture packets from the ethernet.

For how long have I used the solution?

I started using Wireshark six or seven years ago.

What do I think about the stability of the solution?

Wireshark is a stable product.

What do I think about the scalability of the solution?

Wireshark is a scalable product.

How are customer service and support?

I never needed to contact technical support for Wireshark.

Which solution did I use previously and why did I switch?

My company uses Wireshark and has not tried a different solution. The biggest factor on why it decided to use Wireshark is because it's open-source software that doesn't require installation and a license, so anyone can use it.

How was the initial setup?

Wireshark is pretty easy to set up. Its deployment doesn't take much time. It only takes ten to twenty minutes max to complete Wireshark deployment.

What's my experience with pricing, setup cost, and licensing?

Wireshark is an open-source product, so it's free to use.

What other advice do I have?

All people within my company use Wireshark, so that's two hundred users.

My advice to anyone looking into using Wireshark is that you should know how to configure the interface and the internal Wi-Fi card into monitoring mode, so you can capture via Wireshark. As Wireshark is a good tool, I'd recommend it to others, but you should have some knowledge of how to use it and how to configure it. Before implementing Wireshark, you need to know your objectives, working scenarios, what type of features you'd want to implement, and what changes you need to make.

I'd rate Wireshark eight out of ten because for you to configure and use it requires proper knowledge. It's straightforward to use if you have some knowledge of configuring it for monitoring.

I'm a customer of Wireshark.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.

Rajendra Thakur - PeerSpot reviewer
Incident manager at Cisco
Real User
User-friendly with an easy setup and a nice interface
Pros and Cons
  • "The options that are required to get the details for the packet drops are good."
  • "You need good network connectivity to download during the setup, otherwise, it might take a while."

What is our primary use case?

It's a tool that we use to capture the network and if there is any lag or if there are packet drops.

It's a very useful tool. We are using it to monitor any network depreciation. For example, suppose there's a call going on between two IP phones and one person says that I cannot hear you. There's definitely something wrong. The RTP is getting dropped, and the packets are getting dropped. We need to capture the live call or if there are any prerecord calls for this particular time period. We go ahead and use this tool to find out whether the packets dropped when a packet is dropped and what caused the audio issue or video issue. We actually use it to understand any network issues.

What is most valuable?

I've been using it for quite some time, and I find that it's very user-friendly. The interface is good. 

The options that are required to get the details for the packet drops are good. All the options are available for whatever is required. I can choose any of them and search easily, and I can also pull the report and publish it to the team or whoever requires it. 

It's easy to set up.

What needs improvement?

I can't suggest anything as of now regarding Wireshark. I have never found any issues or had any difficulty using it. Be it connecting the system to the network directly and capturing the data through Wireshark, or for a specific time, it's been flawless. I have got the results every time I've needed them. 

You need good network connectivity to download during the setup, otherwise, it might take a while.

For how long have I used the solution?

I have been using Wireshark for almost six years. I've used it for a while at this point.

What do I think about the stability of the solution?

The solution is stable. It's reliable. It offers good performance. There are no bugs or glitches. It doesn't crash or freeze.

What do I think about the scalability of the solution?

Almost everybody in our company is using the product. That's likely around 1,000 people. Here, we always work on the network devices, and we need to use this tool to understand if there is any issue with that network or if there is any issue with the calls. Therefore, almost everyone uses it within the network team.

In terms of scalability, if you look at it, there's no limit. There's no restriction on how many users can use it. However, it depends on the organization. If you need any approval to download, it usually needs special permission.

How are customer service and support?

I never had to reach out to technical support regarding Wireshark. Whenever I've had to use it, it worked properly and there was no issue to complain about.

How was the initial setup?

It is easy to set up. We just need to download it and choose the options while setting it up. That's it. After that, it should be done.

The download itself doesn't take a lot of time. It depends on the bandwidth of your network. If you're using a good network connection, then it hardly takes a minute to download.

What's my experience with pricing, setup cost, and licensing?

It is open-source. Anyone can download and use it. 

What other advice do I have?

I use the solution to support my customer's environment. I am not a partner or reseller. 

I'd rate the solution ten out of ten.

Wireshark is more of a packet capture tool. If you are in a network environment, where you are supporting the customer and looking after the issues with network drop, network devices, or IP calls, you must have Wireshark on your PC. This is a tool that gives you a clear-cut idea about where the issue is, and where the packets are dropping. It's an excellent tool. Everyone should start using it.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.

Aqeel Junaid - PeerSpot reviewer
Junior Executive - Information Security at sunshine holdings
Real User
Top 5 Leaderboard
Used to analyze patterns in the network and check for any malicious traffic generated from devices
Pros and Cons
  • "Wireshark is a good tool to start with network analyzing and packet capturing."
  • "The solution’s user interface could be improved."

What is our primary use case?

Wireshark is a network analyzer used to capture traffic. It's used to analyze patterns in the network to check for any malicious traffic generated from devices or endpoints.

What is most valuable?

Wireshark is a good tool to start with network analyzing and packet capturing. The solution provides good performance and stability.

What needs improvement?

The solution’s user interface could be improved.

For how long have I used the solution?

I have been using Wireshark since 2019.

What do I think about the stability of the solution?

Wireshark is a stable solution.

What do I think about the scalability of the solution?

Wireshark is not a scalable solution. The tool's purpose is not to scale, and there is no use case to scale it.

How was the initial setup?

The solution’s initial setup is straightforward.

What about the implementation team?

I have deployed Wireshark on my laptop. You need to download the software from the web and then run it. It's free of charge, and there's no license involved. We need to enable the solution and run it to capture the traffic.

What's my experience with pricing, setup cost, and licensing?

Wireshark is free of charge, and there's no license involved.

What other advice do I have?

I would recommend the solution to other users. Wireshark is a good tool to start with network analyzing and packet capturing. You can use Wireshark for packet capturing to find the root cause of any issues in the network.

Overall, I rate the solution an eight out of ten.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.

reviewer2045031 - PeerSpot reviewer
Student at a university with 1,001-5,000 employees
Real User
Good for diagnostics and working with packet data and easy to set up
Pros and Cons
  • "The initial setup is simple."
  • "Whenever we select one of the packets, in terms of the number of bytes, for example, there are three panes, and in the detailed pane, I have to count the number of bytes manually."

What is our primary use case?

I have been using Wireshark for the packet tracing, and it has helped me to find out whatever site, et cetera. It is useful, basically capturing packets of data on the network.

It helps us to identify the source the packet is originating from and it also helps us to know about the return time of the packet from when the packet is going from our computer to when it reaches the destination IP address. It helps diagnose internet connectivity problems and also helps us to know what the website data consists of and how much data is in the website.

And it also helps us to know about the various protocols which are being utilized when we are connecting to the internet. We also get to know what bytes, et cetera, are present in our data or if there is any malicious packet that is not supposed to come in. Based on it, we can configure our firewall.

What is most valuable?

It's helping me to get to know about the packet data. I'm getting to know about the source destination IP, for example. That's quite useful to me. 

Overall, it's a great product. 

The initial setup is simple. 

It is stable. 

What needs improvement?

Whenever we select one of the packets, in terms of the number of bytes, for example, there are three panes, and in the detailed pane, I have to count the number of bytes manually.

Also, sometimes when I'm trying to select the number of bytes, the selection does not go properly. If we were to go on selecting it, the number of bytes also showed up as to how many bytes have been selected in the detailed pane.

For how long have I used the solution?

I've been using the solution for four months.

What do I think about the stability of the solution?

It's quite stable. I don't have any issues with Wireshark while running it. There are no bugs or glitches. It doesn't crash or freeze. 

What do I think about the scalability of the solution?

Scalability is good. I can capture as few or as many packets as I want. There's no issue at all. 

That said, I haven't worked on it professionally, so I cannot comment much on that right now from an organizational perspective.

How are customer service and support?

I've never called technical support. I can't speak to how helpful or responsive they are. 

Which solution did I use previously and why did I switch?

I did not use another similar product before. 

How was the initial setup?

The implementation process is not complex at all. You just have to click on the interface, and your Wireshark starts capturing the packets. 

What's my experience with pricing, setup cost, and licensing?

I'm not aware of the exact pricing. 

What other advice do I have?

I'm an end-user. I'm using it at my college.

I would recommend Wireshark for various network diagnostic purposes.

I'd rate the solution nine out of ten.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.

MohamedEladawy - PeerSpot reviewer
Service Security Lead at Salam Technology
Real User
Useful, allows you to deeply understand what's going on at the packet level, and helps you analyze adverse signatures
Pros and Cons
  • "I find Wireshark a very useful tool. Its best feature is that it allows me to deeply understand what's going on at the packet level, as well as any adverse signatures that I can analyze. When I need to create an IPS rule, I need to check the traffic deeply to get more insights about the actual traffic, what's the name of certain flags, etc., and I'm able to do all that through Wireshark. The tool is also user-friendly."
  • "One area for improvement in Wireshark is its ease of use for beginners. It could be better. Another area for improvement in the tool is for it to provide more details about the traffic load. At the moment, Wireshark is adequate for me, so there isn't anything I'd like added to it in its next version."

What is our primary use case?

We use Wireshark to check the network traffic, and if there's any network problem or issue, we can check it through the tool. We also use Wireshark during analysis, to check if there's any network connectivity or attempts from the malware to communicate with the C&C server. We use the tool for further analysis and investigation.

What is most valuable?

I find Wireshark a very useful tool. Its best feature is that it allows me to deeply understand what's going on at the packet level, as well as any adverse signatures that I can analyze. When I need to create an IPS rule, I need to check the traffic deeply to get more insights about the actual traffic, what's the name of certain flags, etc., and I'm able to do all that through Wireshark.

The tool is also user-friendly.

What needs improvement?

One area for improvement in Wireshark is its ease of use for beginners. It could be better. Another area for improvement in the tool is for it to provide more details about the traffic load.

At the moment, Wireshark is adequate for me, so there isn't anything I'd like added to it in its next version.

For how long have I used the solution?

I've been using Wireshark for a long time, so I can't remember the exact number of years I've been using it.

What do I think about the stability of the solution?

Wireshark is a stable tool. I didn't see any issues with its stability.

What do I think about the scalability of the solution?

Wireshark is a scalable tool.

How are customer service and support?

We never raised an issue or ticket with the Wireshark technical support team.

How was the initial setup?

The setup process for Wireshark was very simple.

What's my experience with pricing, setup cost, and licensing?

We're using the free version of Wireshark.

Which other solutions did I evaluate?

We didn't try to use other solutions apart from Wireshark.

What other advice do I have?

Two hundred people use Wireshark within the company.

My rating for Wireshark is a nine out of ten because I like it and I use it so much.

I'm only a user of Wireshark.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
