Re: Switched hub

[Rich Adamson <radamson () routers com>]

> In about 1 month we are going to switch from a DMZ hub to a switch 
> network. Wat is the best way for following the network traffic, as
> normal its not possible to view other ports with a switch network.
 
That all depends upon exactly whose switch you purchase. Some switches
can do port mirroring very well while others are very poor at it (or
non-existent).

Most of the HP switches (as an example) can do port mirroring, however
some only support mirroring of one-side (transmit or receive) of a
mirrored port, while other HP switches support complete VLAN mirroring
(including the default VLAN). Some Cisco switches allow a single port
mirror while other models allow multiple port mirrors.

If your company is serious about security monitoring, the port mirroring
capability of your newly purchased boxes 'might' be a driving factor
as to exactly which switch is purchased.





-------------------------------------------------------
This SF.Net email is sponsored by: thawte's Crypto Challenge Vl
Crack the code and win a Sony DCRHC40 MiniDV Digital Handycam
Camcorder. More prizes in the weekly Lunch Hour Challenge.
Sign up NOW http://ad.doubleclick.net/clk;10740251;10262165;m
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users