How to Monitor Multiple Switches with a 2-Port IDS

Okay so my dilemma... we have two ProCurve 2810-24G switches, two ProCurve 4208vl switches, and one 5406zl switch.

The two 2810-24G switches have a trunk between them using LACP and the two 4208vl switches have a trunk between them using LACP as well. All 5 of the switches also have 2 uplinks to our routers which is two Juniper routers in a HA pair. Because of this configuration we have 10 uplinks ports but our IDS device only has 2 monitoring ports (Dell SecureWorks) so I cannot put the device in-line and purchasing 2-3 IDS devices is not possible.

I am trying to figure out how I can monitor 1 mirrored port on each switch (5 ports total) even though my IDS on has 2 monitoring ports. Any thoughts on creative ways to accomplish this?

Thanks in advance!
Jordan MedlenConnect With a Mentor Commented:
Probably want to look at something like this then...

It's the same type of product, just more ports. Would give you room to grow as well.
Jordan MedlenCommented:
You'll want to get a TAP device to aggregate your mirror ports over to your IDS. You could use one from a company such as at the following link...
AIC-AdminAuthor Commented:
Currently what I tried was mirroring a port from each switch to another Layer 2+ HP V1910-24G switch and then mirroring those 5 ports to another port where my IDS is connected and monitoring... this works when I only connect one switch for each of the trunks so I can connect 3 switches but once I connect the other switch in either trunk it destroys my network (all communication gets interrupted).

Any thought how I may be able to accomplish this using a method like I am trying since I already bought the HP V1910-24G Switch?
Jordan MedlenCommented:
I do not believe that HP supports RSPAN as I believe it's a Cisco only technology. RSPAN would allow you to accomplish what you want with the equipment you have. Getting a TAP device would be about the cost of a switch, is certainly a cheaper route than additional IDS systems, as well will not wreak havoc on your network when setting it up. I would highly recommend going this route.
AIC-AdminAuthor Commented:
Thanks Jordan! I am researching network taps now but I am having trouble finding one with the number of gigabit Ethernet ports I need. Since my IDS only has 2 monitoring ports I need a tap that can accept at least 4 Ethernet "uplinks" and I can then connect that and my 5th switch to the two IDS monitoring ports.
AIC-AdminAuthor Commented:
I ended up having to purchase a second Switch to run one set of mirrored ports over one scwitch and the second set of mirrored ports over another.
