Firewall Wizards
mailing list archives
Re: Shomiti Taps, Cisco Port Mirroring and IDS
From: Don Ng <sayhockng () yahoo com>
Date: Sun, 6 Jan 2002 00:10:33 -0800 (PST)
Hello John, the following case is where the firewall is connected directly to the external router. So there were no switches that could be used to carry out Spanning. So I was looking at how to use taps.
The only reason to use taps instead of hubs is to ensure that when there is a power failure, the normal traffic can still pass through.
Though I could get a UPS for the HUB :)
Thanks
Don
--- John Adams <jna () retina net> wrote:
I don't understand why you would ever need one of these devices if you have the two switches on a VLAN and you have a span port enabled.
On the other hand, if you think you need another hub, perhaps you could use two crossover cables in and out of the tap?
-john
On Thu, 3 Jan 2002, Don Ng wrote:
Hello all, just need some assistance on the issue of Shomiti taps. I have spoken to the vendors but they had to check ...
I am looking at their Century taps that come with 4 ports.
Two ports are used to place the device inline with the segment to be monitored.
Original
Router-----Firewall
After
Router----<P 1> Century TAP <Port 2>---Firewall
                |         |
              <P 3>     <P 4>
The vendors advised me that for the other 2 ports, I was told that each port mirrored out one direction flow. Eg. Router --->Firewall for Port 3 and Firewall---> Router for Port 4.
From the looks of things I would have to connect both Port 3 and 4 to another Hub and plugging a network IDS into that hub.
Router----<P 1> Century TAP <Port 2>---Firewall
                |         |
              <P 3>     <P 4>
                |         |
                    HUB
                     |----NID-200
Is this the optimal way to put an inline tap?
Cisco port mirroring seems to work fine mirroring multiple ports to a single port connected to an IDS.
Glad for any help and comments.
=====
A Nobel Peace Prize for Jim Henson,
He brought laughter to a lot of people.
PS: I work in www.Quantiqint.com so
comments regarding CyberGuard FW, NFR Security, Network-1,
might be judged to be biased.
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
--
J. Adams http://www.retina.net/~jna
I'm not offended by the things that you say, 'cause it's such a predictable
way to wreak havoc / Talk. I need something to agree with at first / You
were right / I was wrong / Now does that make you happy? --Lush
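Added example, not part of the original thread: because each monitor port of the tap carries only one direction, a sensor watching Port 3 or Port 4 alone never sees a complete TCP handshake, and the two feeds have to be interleaved by capture time before session tracking works. The packet records, addresses and function names below are constructed for illustration.

```python
import heapq
from collections import namedtuple

# One observed TCP segment: capture time, endpoints, TCP flags (constructed format).
Pkt = namedtuple("Pkt", "ts src dst flags")

# Constructed sample data: what each monitor port of the tap would emit.
PORT3 = [  # Router -> Firewall direction only
    Pkt(0.000, "198.51.100.7:40000", "192.0.2.10:80", "S"),
    Pkt(0.020, "198.51.100.7:40000", "192.0.2.10:80", "A"),
    Pkt(0.021, "198.51.100.7:40000", "192.0.2.10:80", "PA"),
]
PORT4 = [  # Firewall -> Router direction only
    Pkt(0.010, "192.0.2.10:80", "198.51.100.7:40000", "SA"),
    Pkt(0.030, "192.0.2.10:80", "198.51.100.7:40000", "A"),
]

def merge_directions(*streams):
    """Interleave per-direction streams into one timeline ordered by capture time."""
    return list(heapq.merge(*streams, key=lambda p: p.ts))

def established_sessions(packets):
    """Return flows whose SYN, SYN-ACK, ACK handshake was seen in order."""
    state, done = {}, set()
    for p in packets:
        flow = frozenset((p.src, p.dst))        # direction-independent flow key
        if p.flags == "S":
            state[flow] = ("syn", p.src)        # remember who the client is
        elif p.flags == "SA" and state.get(flow) == ("syn", p.dst):
            state[flow] = ("synack", p.dst)     # reply went back to the client
        elif p.flags == "A" and state.get(flow) == ("synack", p.src):
            done.add(flow)                      # client completed the handshake
    return done

if __name__ == "__main__":
    for name, feed in (("port 3 only", PORT3), ("port 4 only", PORT4),
                       ("merged", merge_directions(PORT3, PORT4))):
        print(name, "->", len(established_sessions(feed)), "established session(s)")
```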