There is quite a lot of documentation provided with the Napatech cards if you are a customer, but the default configs provided aren’t what you want to use to hit the ground running for IDS setups. To configure the card to split the traffic up into 8 streams by hashing the headers, create a /opt/napatech/config/custom.cfg file [...]
|
||||||
|
Had a meeting today and someone clued me into the existance of VSS Monitoring makes taps that use a hashing algorithm to distribute the load of 10G taps across several monitoring ports. This method ensures that all the packets of a TCP session is distributed to the same monitoring port. This is much like what stream capable cards from [...] I am pontificating upon the problem of doing IDS on high speed (10 gigabit or greater) networks without massive amounts of traffic being missed by the IDS due to the bottleneck of a single core being used for analysis. More specifically, a single stream of traffic is only being able to be analyzed by a single process that [...] If you need “Industrial Strength” IDS and network forensics capabilities, you are going to need to get you some disk space.
That is what 120TB looks like. The other 120TB will be sitting somewhere else. |
||||||
|
Copyright © 2010 Trojaned Binaries - All Rights Reserved |
||||||