Difference between revisions of "Multi-Tap Network Packet Capturing"

From NST Wiki
Jump to navigationJump to search
(Multi-Tap Network Packet Capture: NAT/PAT Traffic)
(Overview)
Line 1: Line 1:
 
== Overview ==
 
== Overview ==
  
This section with demonstrate the use of '''Multi-Tap Network Packet Capture''' with NST. The NST WUI implementation supports simultaneous Packet Capture on up to 4 network interfaces (Quad Tap) per multi-tap capture session. NST uses the [http://www.wireshark.org Wireshark] network protocol analyzer suite for network packet capture. The light-weight network packet capture tool: "'''dumpcap'''" is used as the capture engine.
+
This section will demonstrate the use of '''Multi-Tap Network Packet Capture''' with NST. The NST WUI implementation supports simultaneous Packet Capture on up to 4 network interfaces (Quad Tap) per multi-tap capture session. NST uses the [http://www.wireshark.org Wireshark] network protocol analyzer suite for network packet capture. The light-weight network packet capture tool: "'''dumpcap'''" is used as the capture engine.
  
 
When capturing packets at Gigabit Ethernet rates and one needs <u>total</u> ''visibility'' on the link, then a passive tap is required. [http://www.netoptics.com Net Optics], a global leader in passive monitoring, makes an excellent 10/100/1000BaseT Tap ([http://www.netoptics.com/products/product_family_details.asp?cid=1&pid=141&Section=products&menuitem=1&tag=NetOptics+Network+Taps TP-CU3]) for passively allowing access to monitor GigaBit traffic.
 
When capturing packets at Gigabit Ethernet rates and one needs <u>total</u> ''visibility'' on the link, then a passive tap is required. [http://www.netoptics.com Net Optics], a global leader in passive monitoring, makes an excellent 10/100/1000BaseT Tap ([http://www.netoptics.com/products/product_family_details.asp?cid=1&pid=141&Section=products&menuitem=1&tag=NetOptics+Network+Taps TP-CU3]) for passively allowing access to monitor GigaBit traffic.

Revision as of 18:18, 12 June 2008

Overview

This section will demonstrate the use of Multi-Tap Network Packet Capture with NST. The NST WUI implementation supports simultaneous Packet Capture on up to 4 network interfaces (Quad Tap) per multi-tap capture session. NST uses the Wireshark network protocol analyzer suite for network packet capture. The light-weight network packet capture tool: "dumpcap" is used as the capture engine.

When capturing packets at Gigabit Ethernet rates and one needs total visibility on the link, then a passive tap is required. Net Optics, a global leader in passive monitoring, makes an excellent 10/100/1000BaseT Tap (TP-CU3) for passively allowing access to monitor GigaBit traffic.

Multi-Tap Network Packet Capture: NAT/PAT Traffic

The diagram depicted below shows and example Multi-Tap Capture Setup for monitoring GigaBit traffic across a firewall boundary. We will explore the capturing of packets as they transverse the firewall and under go both Network and Port Address Translation.

File:Nst quad tap networking2.png
Multi-Tap PacketCapture