device/system selection

Viewing 9 reply threads
  • Author
    Posts
    • #7157
      Determ
      Participant

      What kind of device is best to use if I want do “duplicate” and transfer network traffic from one remote facility to other, where analysis will be done?

      So I’m looking for best “out-of-box” rack-cabinet appropriate device, sufficiently effective for being placed between switch and router.

    • #44693
      cd1zz
      Participant

      What kind of data are we talking about? Databases? Files? Or are you talking about replication at a lower level? Are you trying to de-dup before you transfer over the network?

    • #44694
      Darktaurus
      Participant

      Wouldn’t you just setup port mirroring and monitor everything from that port?  You could setup an appliance or a computer with wireshark,tcpdump, dsniff,etc, right?

    • #44695
      cd1zz
      Participant

      Good point, misread the question. Port mirroring over a WAN might be tough unless the bandwidth is significant.

    • #44696
      mambru
      Participant
    • #44697
      Determ
      Participant

      @mambru wrote:

      Have you tried a tap?

      Yes, inline aggregating tap with filter option is needed, but do I get a device with router capabilities. Traffic should be send over WAN, but without intervention to existing (primary) router.

    • #44698
      rattis
      Participant

      @cd1zz wrote:

      Good point, misread the question. Port mirroring over a WAN might be tough unless the bandwidth is significant.

      Not really. I used to work in a central data center for an auto company. All the plants had mini-data centers, but they got all their data from the centernal location. We had network genral sniffers and 4tb infinistreams attached to the network via span ports off cisco 6500s. the infinistreams rolled every 12 hours, and we never had complaints about performance.

    • #44699
      rattis
      Participant

      @Determ wrote:

      @mambru wrote:

      Have you tried a tap?

      Yes, inline aggregating tap with filter option is needed, but do I get a device with router capabilities. Traffic should be send over WAN, but without intervention to existing (primary) router.

      If I understand that right, you want the traffic needing to be watched to go out over the exiting WAN connection without going through the existing border router? can you create down time to set things up?

    • #44700
      Determ
      Participant

      @chrisj wrote:

      If I understand that right, you want the traffic needing to be watched to go out over the exiting WAN connection without going through the existing border router? can you create down time to set things up?

      Yes.

      Also I have time to set-up things, it’s not continuous process 24/7. For the beginning would be ok, if the device (tap) could have option to save filtered traffic and send it via smtp on every X hours. In that way the device could be plugged directly in current switch. Ofcourse I don’t know if I get such smart Tap device (having laptop in rack for that is not an option).

    • #44701
      rattis
      Participant

      maybe not having a laptop, but if you could drop a full size server, one that looks like it belonged maybe.

      Actually I was thinking more along the lines of how I had something set up in the past. Had a facility in rural area that could only get 1 dsl line. It was a PITA just to get that much. A partner company made a deal with a 3rd company who came in and set up gear.

      I had to figure out how to have 2 secure networks seperated on the same DSL line. Connection went DSL hand off (DSL Modem with built in firewall and router), cisco pix for one network, linksys running dd-wrt for the other as their gateways, and then they did Site to Site VPN from those.

      Was thinking maybe put an outer-edge device, then the border router, with your sniffer hooked into the outer edge device and the network with span port. lock it down tight with firewall rules.

Viewing 9 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?