Sales Engineer | Technical Sales | Pre-Sales at SUSE
Vendor
2021-01-13T16:30:31Z
Jan 13, 2021
First question should be, do have have a specific requirement or business need you need to address? From there you need to look at the solutions and how they answer your questions.
There are quite a few solutions out there, but the type of data they ingest and the type of data they present will determine if it is the solution for you.
Typically a SPAN or Monitor port should only really be used for troubleshooting purposes, so I always recommend either making use of Netflow or taps/packet brokers (Keysight/Ixia/Cubro/etc.).
Also SPAN/Monitor ports can add some issues to your environment or data - especially if you are trying to support voice/video environments.
Once you have identified that, you need to know if the solution can handle the data - 1Gb/5Gb/10Gb/50Gb/100Gb etc.
I can recommend the following solutions, but it will all depend on what your need is and what your budget is: Colasoft Capsa Sintrex Flow Module ExtraHop Reveal(x) Netscout nGeniusOne VoipMon - for voice only
There are even a few free options (ntopng for one) that can give you some basic insight - and it might be a great place to start if you are new to NTA.
Search for a product comparison in Network Traffic Analysis (NTA)
Network Traffic Analysis (NTA) is critical for identifying and addressing potential security threats by monitoring and analyzing network flows. It provides valuable insights into network health and vulnerabilities, allowing IT professionals to act proactively.NTA tools help organizations protect their assets by closely examining the data traversing their networks. These solutions offer deep visibility into network activities and can efficiently detect anomalies and suspicious behavior...
First question should be, do have have a specific requirement or business need you need to address? From there you need to look at the solutions and how they answer your questions.
There are quite a few solutions out there, but the type of data they ingest and the type of data they present will determine if it is the solution for you.
Typically a SPAN or Monitor port should only really be used for troubleshooting purposes, so I always recommend either making use of Netflow or taps/packet brokers (Keysight/Ixia/Cubro/etc.).
Also SPAN/Monitor ports can add some issues to your environment or data - especially if you are trying to support voice/video environments.
Once you have identified that, you need to know if the solution can handle the data - 1Gb/5Gb/10Gb/50Gb/100Gb etc.
I can recommend the following solutions, but it will all depend on what your need is and what your budget is:
Colasoft Capsa
Sintrex Flow Module
ExtraHop Reveal(x)
Netscout nGeniusOne
VoipMon - for voice only
There are even a few free options (ntopng for one) that can give you some basic insight - and it might be a great place to start if you are new to NTA.
FortiAnalyzer can give good reports on enterprise wide traffic analysis.