Sales Engineer | Technical Sales | Pre-Sales at SUSE
Vendor
2021-01-13T16:30:31Z
Jan 13, 2021
First question should be, do have have a specific requirement or business need you need to address? From there you need to look at the solutions and how they answer your questions.
There are quite a few solutions out there, but the type of data they ingest and the type of data they present will determine if it is the solution for you.
Typically a SPAN or Monitor port should only really be used for troubleshooting purposes, so I always recommend either making use of Netflow or taps/packet brokers (Keysight/Ixia/Cubro/etc.).
Also SPAN/Monitor ports can add some issues to your environment or data - especially if you are trying to support voice/video environments.
Once you have identified that, you need to know if the solution can handle the data - 1Gb/5Gb/10Gb/50Gb/100Gb etc.
I can recommend the following solutions, but it will all depend on what your need is and what your budget is: Colasoft Capsa Sintrex Flow Module ExtraHop Reveal(x) Netscout nGeniusOne VoipMon - for voice only
There are even a few free options (ntopng for one) that can give you some basic insight - and it might be a great place to start if you are new to NTA.
Search for a product comparison in Network Traffic Analysis (NTA)
Network Traffic Analysis (NTA) offers in-depth visibility into network operations, helping identify patterns, anomalies, and potential security threats. It assists IT professionals in optimizing network performance and enhancing security measures by analyzing data traffic. Network Traffic Analysis tools are essential in monitoring and analyzing network data to detect performance issues and security threats. They collect and analyze data packets traversing the network to provide insights on...
First question should be, do have have a specific requirement or business need you need to address? From there you need to look at the solutions and how they answer your questions.
There are quite a few solutions out there, but the type of data they ingest and the type of data they present will determine if it is the solution for you.
Typically a SPAN or Monitor port should only really be used for troubleshooting purposes, so I always recommend either making use of Netflow or taps/packet brokers (Keysight/Ixia/Cubro/etc.).
Also SPAN/Monitor ports can add some issues to your environment or data - especially if you are trying to support voice/video environments.
Once you have identified that, you need to know if the solution can handle the data - 1Gb/5Gb/10Gb/50Gb/100Gb etc.
I can recommend the following solutions, but it will all depend on what your need is and what your budget is:
Colasoft Capsa
Sintrex Flow Module
ExtraHop Reveal(x)
Netscout nGeniusOne
VoipMon - for voice only
There are even a few free options (ntopng for one) that can give you some basic insight - and it might be a great place to start if you are new to NTA.
FortiAnalyzer can give good reports on enterprise wide traffic analysis.