[j-nsp] Traffic Information
Scott Weeks
surfer at mauigateway.com
Wed Mar 4 13:31:51 EST 2009
--- bmannella at teraswitch.com wrote:
From: Brendan Mannella <bmannella at teraswitch.com>
Wondering what the best/preferred method of capturing network traffic for analysis is. Using a mirrored port or actually sending the flows directly to a collector. Looking for pros and cons of each approach.
Also if you can give me some examples of whats used as a collector. I have been looking at ntop on the open source side and inmon traffic sentinel on the commercial side.
---------------------------------------------
Be careful with NTop. Turn everything off and turn on only what you need little by little. It can consume a LOT of CPU cycles. However, it gives you a LOT of information as well...
scott
------------------------
-------------------------
-----------------------
More information about the juniper-nsp
mailing list