Video Screencast Help

Network Monitor Install Details

Created: 25 Feb 2013 | 3 comments

I have the Symantec DLP 11.6 Installation Guide For Windows and it seems to gloss over the network monitor installation details.  It says you need a SPAN or tap, but not detail.

Is there a more detailed specific installation guide for each part of DLP in addition to the "Data Loss Prevention Installation Guide for Windows?"

I saw the thread here where they recommend Gigamon and link to www.gigamon.com, but there are too many prodicts to choose from when linked to the fromt page of the site..

What kind of TAP is recommended for an office with under 400 clients?  What is the rough price range for them?  

Is a TAP ro SPAN port mandatory for DLP network monitor to function at all?

 

Operating Systems:

Comments 3 CommentsJump to latest comment

stumunro's picture

net user,

 

a span/tap port is required to see all the traffic, is also reuires winpcap installed also. 

nic 1 is for the span port and nic2 is to talk to the enforce server. 

on a network monitor you want a wan port, you probably dont care about the site to site vpn traffic just the traffic leaving for internet. 

 

question is do you have a firewall or a edge switch you can do this on?

NetUser's picture

Yes there is a swicth and firewall between the server that will be the Network Monitor and the Inernet.

Another thread here said that a TAP is more simple and less likely to cause network problems than a SPAN port.

Is additional hardware required for both?  It seems like a TAP is another piece of hardware that needs to be plugged into the switch.  Is it the same for SPAN?

stumunro's picture

here is a website i send to my clients to explain,.some times pictures work better.

 

http://www.ntop.org/pf_ring/port-mirror-vs-network...