Let's talk about Distance Sniffing/Remote Visibility

• Previous message (by thread): Let's talk about Distance Sniffing/Remote Visibility
• Next message (by thread): Let's talk about Distance Sniffing/Remote Visibility
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 28 Mar 2002 CARL.P.HIRSCH at sargentlundy.com wrote:
> It seems to me that the means available are A) a very
> expensive distributed NAI Sniffer installation B)
> standard RMON probes and the NMS of your choice and C) A
> linux box with a ton of interfaces running Ethereal
> accessed via Xwindows/VNC/whatever.

I am starting to deploy GigE as a WAN technology. One nice
benefit is that the equipment (Cisco 6500/7600 class) has
capabilities not usually found in routers (such as remote
port mirroring). Coupled with VLAN ACL's, this can be quite
useful for ad-hoc remote diagnostics.

One particularly interesting adaptation is sFlow (RFC 3176),
currently only implemented by Foundry (I don't know of any
other vendors planning to implement sFlow). sFlow is usually
pitched against Netflow, I see it more as a diagnostic tool.
It works quite like port mirroring, but also allows sampling
and only sends header information to the collection server.

Pete.

• Previous message (by thread): Let's talk about Distance Sniffing/Remote Visibility
• Next message (by thread): Let's talk about Distance Sniffing/Remote Visibility
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]