• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 286
  • Last Modified:

Cisco Switch Spanning Port

I have 4 Cisco 3500 series switches.  All linked together via the GBIC (I think that's what it's called) interface.   My question is, if I have one particular port, on ONE of these switches set in spanning mode, and I have my IDS/IPS system plugged into that port, is it monitoring activity from my other 3 switches as well?
0
psueoc
Asked:
psueoc
  • 3
  • 3
1 Solution
 
lrmooreCommented:
No, it is not. It is only monitoring traffic that is coming through that switch.
You can enable RSPAN on the other 3 switches so that they will mirror all of their traffic to the 1
http://www.cisco.com/en/US/products/hw/switches/ps646/products_configuration_guide_chapter09186a00801ce0bc.html
0
 
psueocAuthor Commented:
wouldn't that put a tremendous additional load on the switches, as well as create a ton of additional traffic?  I have to keep performance in mind also.
0
 
lrmooreCommented:
Absolutely. It should only be used for very specific troubleshooting reasons and with prudence.
what application are you trying to use on the span port, and what are you trying to accomplish? There may be a better way.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
psueocAuthor Commented:
I'm running SNORT on a system plugged into the spanning port.  Really just an experimental thing.  I was just curious to know whether I was seeing ALL of our network traffic or not.
0
 
lrmooreCommented:
I would place your snort on a span port on whichever switch your outbound router/firewall is located. At least you get all traffic coming in/going out of the network.

0
 
psueocAuthor Commented:
ok....thanks
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now