Abstract: Fundamentals of Passive Monitoring Access

Joy Weber, Net Optics

The explosion in network security and monitoring solutions has created challenges for operators who need secure access to network traffic in order to enable security and monitoring assets. Operators are looking for ways they can obtain high-visibility access to network traffic without affecting the security and integrity of their enterprise networks. Finding solutions that maintain link uptime, prevent packet loss and latency, avoid new points of failure, and provide flexibility and scalability is critical to successful network security and monitoring. This tutorial covers connectivity options that address these increasingly common issues. Participants will learn best practices for connecting their Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), probes, and analyzers to critical network links.

Section 1: During the first half of the tutorial, participants receive an introduction to various methods of accessing network traffic, including hubs, network taps, and switch SPAN ports. The advantages and disadvantages of each will be presented. The various types of taps and their application in the network infrastructure will be presented along with diagrams of typical installations.

Section 2: The second half of the tutorial covers various methods operators can use to increase the reach, efficiency, and value of their existing investments in network security and monitoring solutions. Participants learn how port and link aggregation solves connectivity and coverage challenges. Concurrent monitoring of a single link and connectivity flexibility are applications relevant to regeneration taps and matrix switches. An explanation of common link aggregator and matrix switch deployments will include both inline and SPAN applications.

Link to the presentation

Fundamentals of Passive Monitoring Access - Real VideoReal Video Presentation