Sales Engineer | Technical Sales | Pre-Sales at SUSE
Vendor
2021-01-13T16:30:31Z
Jan 13, 2021
First question should be, do have have a specific requirement or business need you need to address? From there you need to look at the solutions and how they answer your questions.
There are quite a few solutions out there, but the type of data they ingest and the type of data they present will determine if it is the solution for you.
Typically a SPAN or Monitor port should only really be used for troubleshooting purposes, so I always recommend either making use of Netflow or taps/packet brokers (Keysight/Ixia/Cubro/etc.).
Also SPAN/Monitor ports can add some issues to your environment or data - especially if you are trying to support voice/video environments.
Once you have identified that, you need to know if the solution can handle the data - 1Gb/5Gb/10Gb/50Gb/100Gb etc.
I can recommend the following solutions, but it will all depend on what your need is and what your budget is: Colasoft Capsa Sintrex Flow Module ExtraHop Reveal(x) Netscout nGeniusOne VoipMon - for voice only
There are even a few free options (ntopng for one) that can give you some basic insight - and it might be a great place to start if you are new to NTA.
Search for a product comparison in Network Traffic Analysis (NTA)
Network Traffic Analysis (NTA) is used to monitor, analyze, and optimize the flow of network traffic to identify performance issues, security threats, and ensure efficient data handling.
NTA tools enable organizations to visualize network activity in real-time and support historical data analysis. Users can detect anomalies, uncover hidden threats, and optimize their IT infrastructure. Advanced NTA solutions offer machine learning capabilities to automate threat detection and response,...
First question should be, do have have a specific requirement or business need you need to address? From there you need to look at the solutions and how they answer your questions.
There are quite a few solutions out there, but the type of data they ingest and the type of data they present will determine if it is the solution for you.
Typically a SPAN or Monitor port should only really be used for troubleshooting purposes, so I always recommend either making use of Netflow or taps/packet brokers (Keysight/Ixia/Cubro/etc.).
Also SPAN/Monitor ports can add some issues to your environment or data - especially if you are trying to support voice/video environments.
Once you have identified that, you need to know if the solution can handle the data - 1Gb/5Gb/10Gb/50Gb/100Gb etc.
I can recommend the following solutions, but it will all depend on what your need is and what your budget is:
Colasoft Capsa
Sintrex Flow Module
ExtraHop Reveal(x)
Netscout nGeniusOne
VoipMon - for voice only
There are even a few free options (ntopng for one) that can give you some basic insight - and it might be a great place to start if you are new to NTA.
FortiAnalyzer can give good reports on enterprise wide traffic analysis.