Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
592
Views
0
Helpful
2
Replies

CiscoWorks LMS Packet Capture - Automation

jaleach
Level 1
Level 1

‎02-13-2006 02:19 AM - edited ‎03-09-2019 01:54 PM

Hi,

I've got CiscoWorks LMS2.5 (Dec2k5) up and running soundly and our security guys would like us to regularly audit the network traffic (sniff and review packets).

Is it possible to setup Ciscoworks to regularly run packet captures on devices?

Our network only has about 25 switches so we don't want to fork out for a full IDS.

Thanks in advance..

Labels:
0 Helpful
2 Replies 2

pradeepde
Level 5
Level 5

‎02-16-2006 11:39 AM

Why don't you go for SPAN or RSPAN for packet monitoring?. This SPAN actually monitors the traffic. This enables one port to monitor the rest.

Hope this document will help you out in configuring SPAN and RSPAn.

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3560/12220se/3560scg/swspan.htm

0 Helpful

jaleach
Level 1
Level 1
In response to pradeepde

‎02-20-2006 12:00 AM

Thanks - yes I do already have a SPAN port setup - which is how we use the Packet Capture feature. I was hoping there might be a way of regularly running a capture.... If not i'll just end up writing a tcpdump script in php.

Thanks again.

0 Helpful
Customers Also Viewed These Support Documents