Hi guys, at work we currenly have a switch on which we need to analyse the traffic that goes on between devices that are connected to it. Unfortunatley it doesn't have the ability to SPAN/port mirror, so I have been looking into a network TAP. The only problem I'm having is understanding how I could set it up. The way I've seen when doing some research is that it has 2 ports on which the traffic flows through and then 1 last port where to connect the devices that needs to monitor the traffic. The way I understand it is that you would connect the switch to one port and the router to the other.
Here is my problem: I only need to analyse the data that goes between devices that are connected to our switch, say I have a computer on LAN port1 and another Computer on LAN port2. They communicate with each other and would never reach out to the router, so could I just connect one of the inline ports on the network tap to the switch and the monitor port to the laptop running the monitor software, or does it require both inline ports on the tap to be connected to a device?
EDIT: To clarify, I know you could connect the two inline ports between the router and the switch, but would it then capture all traffic? Or just intercept and report the traffic that goes between the switch and the router, which is what I assume, and that would not resolve my issue.
No comments:
Post a Comment