07-27-2007 06:01 AM - edited 03-10-2019 03:43 AM
I know this is a little off the mark but,
We have some people from Network Forensics installing monitoring equipment soon.
Supposedly, this device is going to capture every packet on the network.
How does this work and will it slow things down?
We have many VLANs, are they going to monitor every default gateway?
How would something like this be done?
07-27-2007 12:39 PM
http://www.cisco.com/en/US/products/sw/cscowork/ps5209/index.html
This should give you some good overview of the product
07-27-2007 06:08 PM
Do you mean NetForensics? If so, it's a SIM product and it doesn't collect packets...it collects events. IDS events. Router events. Firewall events. Host events. etc, etc. Are you a network guy and the security guys will be using this product? They can impact the network, but not in the way you're thinking. A router configured to log events [maybe that it previously was not configured to] could become overloaded. Devices sending events over a slow link could saturate the link. etc.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: