Solved

port mirroring and performance

Posted on 2009-05-06
2
943 Views
Last Modified: 2012-05-06
we're installing an IDS here and need to do port mirroring on two modules on our core switch. How much impact am I looking at? is there an easier/better way to do this?


thanks
0
Comment
Question by:dissolved
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
2 Comments
 
LVL 10

Accepted Solution

by:
ngravatt earned 500 total points
ID: 24316108
there is not significant performance impact.  I use the port mirroring on my core switches, which or Cisco 6509s.  I almost always have two mirroring sessions running.  One is used for IDS and one is used to span all traffic over to another monitoring device.  Cisco limits the number of span sessions to two.

Looking at my 6509 right now, the CPU is less than 10% and the memory usage is about 110 megs.

The only other way to do this is to put your IDS inline or use a hub.  A hub will send all traffic received to all ports.  If you have a connection to your ISP router, then you can take that cable out of you ISP router and plug it into a 4 port hub.  Use one of the ports to complete the connection to your ISP router, then you can take another port and connect it to your IDS device.

There are also some other 3rd party devices that do the same exact thing.  I look into these in the past though, and they were not cheap.
0
 
LVL 10

Expert Comment

by:ngravatt
ID: 24316116
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cat6A Cabeling 3 58
No RSTP between switches 3 71
Network Switches 3 48
Dell Laptop dropped and Network plug or wireless dont work 7 41
This article will step through configuring a SonicWALL appliance to utilize an internal DHCP server for Global VPN Client (GVC) hosts.  There are times when using an external (external to the SonicWALL) DHCP server, such as Windows Servers, isn’t pr…
Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question