InetVis has several features to explore network traffic and assist the formation of insight. A set of key features are listed below:
* Adjustable replay position to seek through the traffic capture files.
* Variable playback speed (time scaling), from as slow as 0.001x (1 ms/s), or as fast as 86400x (1 day/s).
* Variable time frame/window to view events for the past 100 ms up to 5 years.
* Transparent decay of events - points fade as they age (with respect to the time window).
* New events are highlighted by pulsing once (a momentarily bulge of the point).
* Filtering capability via BPF filter expressions (as used in libpcap and tcpdump).
* Various colour schemes for colouring points and adjustable point size.
* Setting the data ranges and scaling down into sub-domain IP addresses (destination and source) as well as port ranges to view a subset of the traffic data.
* Adjustable logarithmic plot for stretching out lower port range where, in general, most TCP/UDP traffic occurs.
* Various reference frame controls, i.e. toggling visibility of axes, markers, transparent grid lines, labels, and background colour.
* Orthographic and perspective projection modes.
* Immersive navigation - scaling (zooming), translating (moving) and rotating.
* Record single snapshot image, or dump all image frames (useful for manually encoding video clips).
* Record output back to pcap binary file format, for further detailed analysis with other applications (e.g. tcpdump, Ethereal and Snort).
