Difference between revisions of "Multi-Tap Network Packet Capturing"

From NST Wiki
Jump to navigationJump to search
(Multi-Tap Network Packet Capture: Traffic Between Gigabit Switches)
(Multi-Tap Network Packet Capture: NAT/PAT Traffic)
Line 8: Line 8:
 
The diagram depicted below shows an example '''Multi-Tap Capture Setup''' for monitoring GigaBit traffic across a firewall boundary. We will explore the capturing of packets as they transverse the firewall and undergo both '''Network''' and '''Port Address Translation'''.
 
The diagram depicted below shows an example '''Multi-Tap Capture Setup''' for monitoring GigaBit traffic across a firewall boundary. We will explore the capturing of packets as they transverse the firewall and undergo both '''Network''' and '''Port Address Translation'''.
  
[[Image:Nst_quad_tap_networking2.png|center|frame|Multi-Tap Packet Capture: Packet Capture Across A Firewall Using NAT/PAT]]
+
[[Image:Nst_quad_tap_networking2.png|center]]
  
 
== Multi-Tap Network Packet Capture: Traffic Between Gigabit Switches ==
 
== Multi-Tap Network Packet Capture: Traffic Between Gigabit Switches ==

Revision as of 08:39, 2 July 2008

Overview

This section will demonstrate the use of Multi-Tap Network Packet Capture with NST. The NST WUI implementation supports simultaneous Packet Capture on up to 4 network interfaces (Quad Tap) per multi-tap capture session. NST uses the Wireshark network protocol analyzer suite for network packet capture. The light-weight network packet capture tool: "dumpcap" is used as the capture engine.

When capturing packets at Gigabit Ethernet rates and one needs total visibility on the link, then a passive tap is required. Net Optics, a global leader in passive monitoring, makes an excellent 10/100/1000BaseT Tap (TP-CU3) for passively allowing access to monitor GigaBit traffic.

Multi-Tap Network Packet Capture: NAT/PAT Traffic

The diagram depicted below shows an example Multi-Tap Capture Setup for monitoring GigaBit traffic across a firewall boundary. We will explore the capturing of packets as they transverse the firewall and undergo both Network and Port Address Translation.

Multi-Tap Network Packet Capture: Traffic Between Gigabit Switches

The diagram displayed below shows an example Dual-Tap Capture Setup for monitoring network traffic between 2 Gigabit switches. In this case a generic notebook computer was used and configured with 3 network interfaces (A built-in Gigabit LAN adapter, a Gigabit LAN adapter PC-Card and a built-in 802.11g/n wireless adapter for secure remote access and control of NST).

Multi-Tap Packet Capture: Packet Capture Between 2 Gigabit Switches