Curious how others capture Intra Switch traffic? If a single physical switch has many servers connected to it and most intra-server communication never leaves that physical switch, is there any other way to capture the traffic between the servers other than SPAN?
Network Taps would not catch Intra switch traffic, only traffic traversing the uplinks. Host based agents are a possibility I guess, but difficult to deploy/manage if you have a mix of Windows, Linux/Unix servers. NetFlow is an option, but some switches do not support NetFlow. Am I missing any other options?
No comments:
Post a Comment