Does anyone have recommendations for a traffic analyser? Looking for something that has the following capabilities:
- Inline capability or ability to receive SPAN traffic
- Netflow receiver capability (would rather the above though)
- Multiple 10Gbps input capability
- Preference for hardware appliance over VM
- Per-interface monitoring capability
- History - i.e. ability to view traffic patterns from the past
- IP Source/destination reporting
- Application information / graphing (ports/protocols at minimum)
- Ability to monitor/inspect and report CoS/QoS markings
- Measure jitter/latency over time
- Ability to dump/investigate packets for forensics (including payload)
- Any forensic capability would be a big plus
- Reporting capability
- Web interface
- Prefer LDAP/AD integration
- Paid support
- A big plus would be the capability to detect threats