Directory
Switch Port Mirroring
Switch Port Mirroring
The advent of switched networks resulted in Network IDS having great difficulty in promiscuously monitoring their networks. This was overcome by configuring a switch to replicate the data from all ports or VLAN's onto a single port. This function has a multitude of names including; Port Mirroring, Monitoring Port, Spanning Port, SPAN port and Link Mode port. Generally Port Mirroring indicates the ability to copy the traffic from a single port to a mirror port but disallows any type of bidirectional traffic on the port.
Spanning Port usually indicates the ability to copy traffic from all the ports to a single port but also typically disallows bidirectional traffic on the port. In the case of Cisco, SPAN stands for Switch Port ANalyzer. Some switches do not allow SPAN ports to transmit packets, this is an issue if you wish to use IDS TCP countermeasures such as resets.
It may also be worth looking at Network Taps which allow you to tap into a network, taking a parallel feed for the Network IDS
The advent of switched networks resulted in Network IDS having great difficulty in promiscuously monitoring their networks. This was overcome by configuring a switch to replicate the data from all ports or VLAN's onto a single port. This function has a multitude of names including; Port Mirroring, Monitoring Port, Spanning Port, SPAN port and Link Mode port. Generally Port Mirroring indicates the ability to copy the traffic from a single port to a mirror port but disallows any type of bidirectional traffic on the port.
Spanning Port usually indicates the ability to copy traffic from all the ports to a single port but also typically disallows bidirectional traffic on the port. In the case of Cisco, SPAN stands for Switch Port ANalyzer. Some switches do not allow SPAN ports to transmit packets, this is an issue if you wish to use IDS TCP countermeasures such as resets.
It may also be worth looking at Network Taps which allow you to tap into a network, taking a parallel feed for the Network IDS
Listings
There are 0 Listings in this Category.Add your listing here