Re: Which switches are recommneded

[Jeff Coppock <jcoppock1 () comcast net>]

> -----Original Message-----
> From: Albert E. Whale
> Sent: Sunday 17 December 2006 07:46
> To: snort-users () lists sourceforge net
> Subject: [Snort-users] Which switches are recommneded
>
>
> I have an opportunity to implement a Corporate backbone with the right
> tools.
>
> I originally was reviewing the Linksys Managed Switches, until I
> discovered that these devices do not support SPAN (Switch Port
> ANalyzer), which permits traffic to be monitored by another port (did I
> need to say this in this group, probably not!).
>
> Anyway, are there any other switches being used that permit the Snort
> IDS to monitor traffic in the switch (without using an external device?).
>
> TIA

All the Nortel switches support port mirroring.  Most allow you to mirror on 
ingress and/or egress per port to at least one mirrored port, and some 
allow you to mirror to a remote IP address.  You can filter for specific 
traffic, or all traffic.  This is on both the Layer 2 and the Layer 3 
switches.

jc

-- 
Jeff Coppock
Network Engineer
Diggin' Debian

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users