Re: Hub recommendations

[Matt Van Mater <matt.vanmater () gmail com>]

> Seems Cisco's port mirroring functions are rather different from one
> model to another, and from one firmware version to another.
>
> On one 2924XML switch, we have port 3 mirrored to 6, port 4 mirrored
> to 15, and 9 mirrored to something else (one with vlan support). I've
> not actually tried to mirror port 3 and 4 to 6 if that's what your
> asking.
Yes, Cisco's mirroring capability does vary widely between products as
well as between IOS and CATOS.  It is easy to aggregate many source
ports to a single destination port, what I want to do is have many
sources aggregated into a kind of 'pool' and then have their combined
traffic sent to multiple destination ports.  What you just described
to me is just a regular SPAN configuration.

switch1-----|                       |--IDS
switch2-----|----aggregator----|--ntop
switch3-----|                       |--ethereal


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. 
http://productguide.itmanagersjournal.com/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users