I continue to research ways to capture information useful for network security monitoring. I found
CAIDA's tools taxonomy helpful.
RMON (Remote Monitoring) is one solution, especially since it can support full packet capture. (See the
IETF charter,
mailing list, and
Cisco overview.)
NetScout probes are a commercial option, although it seems
ntop (
mailing list) can be
modified to collect RMON data. Cisco's
NetFlow data appears useful. Competitors include
sFlow and
nFlow.
Tidak ada komentar:
Posting Komentar