<div>
Okay, so how do I use this baseline?<br />
<br />
Do I need to take one every day, week, etc.?<br />
<br />
How long should I capture the traffic for?<br />
<br />
I don't have huge amounts of disk space to play with and spanning on a core router would need authorization because of the possibility of an increased load or affecting traffic flow.<br />
<br />
Capture everything?
</div>


Okay, so how do I use this baseline?

Do I need to take one every day, week, etc.?

How long should I capture the traffic for?

I don't have huge amounts of disk space to play with and spanning on a core router would need authorization because of the possibility of an increased load or affecting traffic flow.

Capture everything?

<div>
<div class="content wysiwyg-content">
Has anyone ideas on how to baseline a network with wireshark?<br />
<br />
Span the port a workstation is on and then start capturing? Get the boot up, dhcp, start applications?<br />
<br />
How about the network itself? With switches you only get broadcast and traffic to your computer.<br />
<br />
How long should the capture last?<br />
<br />
Do you need a capture for each model of workstation, laptop and server?<br />
<br />

</div>
</div>


Has anyone ideas on how to baseline a network with wireshark?

Span the port a workstation is on and then start capturing? Get the boot up, dhcp, start applications?

How about the network itself? With switches you only get broadcast and traffic to your computer.

How long should the capture last?

Do you need a capture for each model of workstation, laptop and server?



Create a baseline with Wireshark

A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.

Routers

Network analysis is the process of identifying and remediating the processes and systems within a network, including performance, connectivity and security. The process is performed through the use of tools developed for monitoring and analyzing network activity. Network problems that involve finding an optimal way of doing something are studied under the name combinatorial optimization. Examples include network flow, shortest path problem, transport problem, transshipment problem, location problem, matching problem, assignment problem, packing problem, routing problem, Critical Path Analysis and PERT (Program Evaluation & Review Technique).

Network Analysis

A switch is a device that filters and forwards packets of data between LAN segments. Switches operate at the data link layer or the network layer of the Open Systems Interconnection (OSI) Reference Model and therefore support any packet protocol. LANs that use switches to join segments are called switched LANs or, in the case of Ethernet networks, switched Ethernet LANs. A hub is a connection point for devices in a network. Hubs are commonly used to connect segments of a LAN. A hub contains multiple ports; when a packet arrives at one port, it is copied to the other ports so that all segments of the LAN can see all packets.