Solved

port mirroring and performance

Posted on 2009-05-06
2
930 Views
Last Modified: 2012-05-06
we're installing an IDS here and need to do port mirroring on two modules on our core switch. How much impact am I looking at? is there an easier/better way to do this?


thanks
0
Comment
Question by:dissolved
  • 2
2 Comments
 
LVL 10

Accepted Solution

by:
ngravatt earned 500 total points
ID: 24316108
there is not significant performance impact.  I use the port mirroring on my core switches, which or Cisco 6509s.  I almost always have two mirroring sessions running.  One is used for IDS and one is used to span all traffic over to another monitoring device.  Cisco limits the number of span sessions to two.

Looking at my 6509 right now, the CPU is less than 10% and the memory usage is about 110 megs.

The only other way to do this is to put your IDS inline or use a hub.  A hub will send all traffic received to all ports.  If you have a connection to your ISP router, then you can take that cable out of you ISP router and plug it into a 4 port hub.  Use one of the ports to complete the connection to your ISP router, then you can take another port and connect it to your IDS device.

There are also some other 3rd party devices that do the same exact thing.  I look into these in the past though, and they were not cheap.
0
 
LVL 10

Expert Comment

by:ngravatt
ID: 24316116
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

The following recovery method will work on All Cisco Switchs that run ISO software. You will need a good copy of the IOS version you want you use saved on your PC and a Com's Cable. The software for these switches comes as a .tar file. Tar is …
This article will step through configuring a SonicWALL appliance to utilize an internal DHCP server for Global VPN Client (GVC) hosts.  There are times when using an external (external to the SonicWALL) DHCP server, such as Windows Servers, isn’t pr…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now