[c-nsp] Monitoring HTTP / url access @10gig
Phil Mayers
p.mayers at imperial.ac.uk
Mon Oct 5 07:57:08 EDT 2009
We currently monitor web access from our campus with a VACL capture,
picked up by a server-class machine with a 10gig port. Hardware is
sup720, and our internet links are 10gig, doing well over 1gbit/sec.
For various reasons this solution is unsatisfactory; the VACL doesn't
work well and doesn't support IPv6, SPAN sessions are limited and policy
routing to a web cache is exactly what we don't want to do. What other
solutions can people recommend?
I see that GigaMon make an interesting (and expensive looking) product:
http://www.gigamon.com/gigavue-420.php
...which claims to be able to tap a 10gig link, filter the traffic then
direct it to a 1gig port. This could be interesting for a number of reasons.
Other suggestions welcome.
More information about the cisco-nsp
mailing list