Multi-Tap Network Packet Capturing: Difference between revisions
| Line 6: | Line 6: | ||
== Multi-Tap Network Packet Capture: NAT/PAT Traffic == | == Multi-Tap Network Packet Capture: NAT/PAT Traffic == | ||
The diagram depicted below shows | The diagram depicted below shows an example '''Multi-Tap Capture Setup''' for monitoring GigaBit traffic across a firewall boundary. We will explore the capturing of packets as they transverse the firewall and undergo both '''Network''' and '''Port Address Translation'''. | ||
[[Image:Nst_quad_tap_networking2.png|center|thumb|800px|Multi-Tap PacketCapture]] | [[Image:Nst_quad_tap_networking2.png|center|thumb|800px|Multi-Tap PacketCapture]] | ||
Revision as of 18:10, 17 June 2008
Overview
This section will demonstrate the use of Multi-Tap Network Packet Capture with NST. The NST WUI implementation supports simultaneous Packet Capture on up to 4 network interfaces (Quad Tap) per multi-tap capture session. NST uses the Wireshark network protocol analyzer suite for network packet capture. The light-weight network packet capture tool: "dumpcap" is used as the capture engine.
When capturing packets at Gigabit Ethernet rates and one needs total visibility on the link, then a passive tap is required. Net Optics, a global leader in passive monitoring, makes an excellent 10/100/1000BaseT Tap (TP-CU3) for passively allowing access to monitor GigaBit traffic.
Multi-Tap Network Packet Capture: NAT/PAT Traffic
The diagram depicted below shows an example Multi-Tap Capture Setup for monitoring GigaBit traffic across a firewall boundary. We will explore the capturing of packets as they transverse the firewall and undergo both Network and Port Address Translation.
