Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Network Forensics monitoring

I know this is a little off the mark but,

We have some people from Network Forensics installing monitoring equipment soon.

Supposedly, this device is going to capture every packet on the network.

How does this work and will it slow things down?

We have many VLANs, are they going to monitor every default gateway?

How would something like this be done?

New Member

Re: Network Forensics monitoring

This should give you some good overview of the product


Re: Network Forensics monitoring

Do you mean NetForensics? If so, it's a SIM product and it doesn't collect collects events. IDS events. Router events. Firewall events. Host events. etc, etc. Are you a network guy and the security guys will be using this product? They can impact the network, but not in the way you're thinking. A router configured to log events [maybe that it previously was not configured to] could become overloaded. Devices sending events over a slow link could saturate the link. etc.

CreatePlease to create content