Wireshark is a great traffic analyzer in the transport layer. The configuration of different profiles to adjust to each problem is very good, and the breakdown of packets for analysis also makes it possible to identify the source of a problem and solve it. Being able to trace packets is absolutely useful, and the tool is very powerful when analyzing wireless traffic.
The handling of very large files (approximately millions of packets) is not the most suitable, since downloading them can slow down the program. Also, the function to match a search filter is not as intuitive as it could be, and more features could be added to identify traffic by interface or virtual network.
The more knowledge you have about TCP/IP, the more benefit you can get from Wireshark. Be sure to install WinPcap properly. Wireshark is not a real-time security tool; its greatest strength is packet analysis. Take this into account when using it and do not set expectations that it will not meet. To capture large quantities of packets, it is better to use another tool.
The most important thing Wireshark brings is the possibility of solving problems at the primary source (the packets). This benefit is priceless for a network security engineer and offers enormous flexibility to remedy vulnerabilities, performance degradation, etc. Connection problems can also be identified with this software.