Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
491
Views
0
Helpful
4
Replies

Bandwidth Limitations

Go to solution
anthonysgroi
Level 1
Level 1

‎12-05-2006 01:32 PM - edited ‎03-10-2019 03:21 AM

My current configuration is two CAT 6500's with 1 IDSM installed in each monitoring different VLAN's through SPAN. My question is what happens when there is say "too much" traffic? traffic is not qued is it? or is it left alone to pass. I dont want to introduce any latency/bottlenecks to the network. I cant seem to find any documents on how they react to situations like this. Any help would be great thank you.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
a.kiprawih
Level 7
Level 7

‎12-05-2006 04:59 PM

Normally, if the monitored network traffic/stream is high and beyond the SPAN capability, other traffic will just flow through, not kept in queue and subsequently delayed the traffic flow.

This is a nature of SPAN where it will only capture a snapshot of passing traffic, and this works fine in conjunction with IDSM's promiscuous mode that monitor traffic in passive mode.

Passive mode cannot drop packets to block a network intrusion attempt, but can send TCP resets to both sides of the network connection to try to break the connection.

http://www.cisco.com/en/US/partner/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a008055df92.html#wp1067335

HTH

AK

View solution in original post

0 Helpful
4 Replies 4

Go to solution
a.kiprawih
Level 7
Level 7

‎12-05-2006 04:59 PM

Normally, if the monitored network traffic/stream is high and beyond the SPAN capability, other traffic will just flow through, not kept in queue and subsequently delayed the traffic flow.

This is a nature of SPAN where it will only capture a snapshot of passing traffic, and this works fine in conjunction with IDSM's promiscuous mode that monitor traffic in passive mode.

Passive mode cannot drop packets to block a network intrusion attempt, but can send TCP resets to both sides of the network connection to try to break the connection.

http://www.cisco.com/en/US/partner/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a008055df92.html#wp1067335

HTH

AK

0 Helpful

Go to solution
anthonysgroi
Level 1
Level 1
In response to a.kiprawih

‎12-06-2006 10:11 AM

Ok thank you very much but that link isnt working for me.

0 Helpful

Go to solution
anthonysgroi
Level 1
Level 1
In response to a.kiprawih

‎12-06-2006 07:10 PM

Thank you.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card