Solved: Small Switch with port mirror option?

fahim · ‎05-29-2007

Hi

I want to deploy a small, a max of 8 port switch before my firewall witha the capability of Port Mirroring where I would connect my IDS monitoring interface. I currently use Cisco's 1548 which doesn't have any management capability.

I am aware of the danger's of having management IP on a switch which is outside of my firewall but I need a management interface (console etc) so that I can mirror a port to catch all traffic coming in thru my router's inside interface.

What are my options from Cisco?

thiyagarajang · ‎06-04-2007

Hi Fahim,

Yes, you can configure Mirror on interface you want to. Configure SPAN through CLI or use Cisco network assistant.Cisco network assistant is free downloadable.

View solution in original post

thiyagarajang · ‎05-29-2007

Hi Fahim,

You can use cisco 500 series switch for mirroring the packets from router internal traffic to your firewall.

In this case you have to connect sniffer in the cisco 500 switch directly.

fahim · ‎06-02-2007

Thanks thiyagarajan

Seems like Cisco's 520 suits my need of 8 ports.

http://www.cisco.com/en/US/products/ps7238/products_data_sheet0900aecd8060aee4.html

Can you pls confirm if it contains Port Mirroring option by looking at the DataSheet. I couldn't find any explicit reference to this feature.

Pls advise!

thiyagarajang · ‎06-04-2007

Hi Fahim,

Yes, you can configure Mirror on interface you want to. Configure SPAN through CLI or use Cisco network assistant.Cisco network assistant is free downloadable.