What kind of data are we talking about? Databases? Files? Or are you talking about replication at a lower level? Are you trying to de-dup before you transfer over the network?

Good point, misread the question. Port mirroring over a WAN might be tough unless the bandwidth is significant.

Yes, inline aggregating tap with filter option is needed, but do I get a device with router capabilities. Traffic should be send over WAN, but without intervention to existing (primary) router.

If I understand that right, you want the traffic needing to be watched to go out over the exiting WAN connection without going through the existing border router? can you create down time to set things up?

maybe not having a laptop, but if you could drop a full size server, one that looks like it belonged maybe.

Actually I was thinking more along the lines of how I had something set up in the past. Had a facility in rural area that could only get 1 dsl line. It was a PITA just to get that much. A partner company made a deal with a 3rd company who came in and set up gear.

I had to figure out how to have 2 secure networks seperated on the same DSL line. Connection went DSL hand off (DSL Modem with built in firewall and router), cisco pix for one network, linksys running dd-wrt for the other as their gateways, and then they did Site to Site VPN from those.

Was thinking maybe put an outer-edge device, then the border router, with your sniffer hooked into the outer edge device and the network with span port. lock it down tight with firewall rules.