Difference between revisions of "Multi-Tap Network Packet Capturing"

From NST Wiki
Jump to navigationJump to search
Line 1: Line 1:
 +
== Overview ==
 +
 
This section with demonstrate the use of '''Multi-Tap Network Packet Capture''' with NST. The NST WUI implementation supports simultaneous Packet Capture on up to 4 network interfaces (Quad Tap) per multi-tap capture session. NST uses the [http://www.wireshark.org Wireshark] network protocol analyzer suite for network packet capture. The light-weight network packet capture tool: "'''dumpcap'''" is used as the capture engine.
 
This section with demonstrate the use of '''Multi-Tap Network Packet Capture''' with NST. The NST WUI implementation supports simultaneous Packet Capture on up to 4 network interfaces (Quad Tap) per multi-tap capture session. NST uses the [http://www.wireshark.org Wireshark] network protocol analyzer suite for network packet capture. The light-weight network packet capture tool: "'''dumpcap'''" is used as the capture engine.
  
 
When capturing packets at Gigabit Ethernet rates and one needs <u>total</u> ''visibility'' on the link, then a passive tap is required. [http://www.netoptics.com Net Optics], a global leader in passive monitoring, makes an excellent 10/100/1000BaseT Tap ([http://www.netoptics.com/products/product_family_details.asp?cid=1&pid=141&Section=products&menuitem=1&tag=NetOptics+Network+Taps TP-CU3]) for passively allowing access to monitor GigaBit traffic.
 
When capturing packets at Gigabit Ethernet rates and one needs <u>total</u> ''visibility'' on the link, then a passive tap is required. [http://www.netoptics.com Net Optics], a global leader in passive monitoring, makes an excellent 10/100/1000BaseT Tap ([http://www.netoptics.com/products/product_family_details.asp?cid=1&pid=141&Section=products&menuitem=1&tag=NetOptics+Network+Taps TP-CU3]) for passively allowing access to monitor GigaBit traffic.
  
 +
== Multi-Tap Network Packet Capture: NAT/PAT Traffic ==
 
The diagram depicted below shows and example '''Multi-Tap Capture Setup''' for monitoring GigaBit traffic across a firewall boundary. We will explore the capturing of packets as they transverse the firewall and under go both '''Network''' and '''Port Address Translation'''.
 
The diagram depicted below shows and example '''Multi-Tap Capture Setup''' for monitoring GigaBit traffic across a firewall boundary. We will explore the capturing of packets as they transverse the firewall and under go both '''Network''' and '''Port Address Translation'''.
  
 
[[Image:Nst_quad_tap_networking.png|center|thumb|800px|Multi-Tap PacketCapture]]
 
[[Image:Nst_quad_tap_networking.png|center|thumb|800px|Multi-Tap PacketCapture]]

Revision as of 11:33, 12 June 2008

Overview

This section with demonstrate the use of Multi-Tap Network Packet Capture with NST. The NST WUI implementation supports simultaneous Packet Capture on up to 4 network interfaces (Quad Tap) per multi-tap capture session. NST uses the Wireshark network protocol analyzer suite for network packet capture. The light-weight network packet capture tool: "dumpcap" is used as the capture engine.

When capturing packets at Gigabit Ethernet rates and one needs total visibility on the link, then a passive tap is required. Net Optics, a global leader in passive monitoring, makes an excellent 10/100/1000BaseT Tap (TP-CU3) for passively allowing access to monitor GigaBit traffic.

Multi-Tap Network Packet Capture: NAT/PAT Traffic

The diagram depicted below shows and example Multi-Tap Capture Setup for monitoring GigaBit traffic across a firewall boundary. We will explore the capturing of packets as they transverse the firewall and under go both Network and Port Address Translation.

Multi-Tap PacketCapture