Segurança Em Redes De Comunicações

Network Passive Probing Packet Capturing

User for:

  • Specific and detailed data inference,

  • Infer small and medium timescale dynamics.

Probe type:

  • Switch mirror port,

  • In-line,

  • Network tap.

Filtering/sampled by.

  • User/terminal address/VLAN/access port,

  • Group address/VLAN/access port,

  • Protocols (UDP/TCP),

  • Upper layer protocols,

    • Hard to identify due to encryption and legal/privacy constraints.

  • UDP/TCP port number/range.

Data processing.

  • Packet/byte count,

  • Flow count,

  • IP addresses and port distribution,

  • App/service statistics and distribution.

Local vs. Centralized storage and processing.

  • Data upload to a centralized point should not have an impact on measurements.

  • Local storage/processing requires probes with more resources.

PreviousNetFlowNextRemote CLI Access

Last updated