Traffic monitoring
- Thread starter affKC
- Start date
Hi,
Splunk is furthest along the line to consolidate everything. It has a free version which remain free for smaller environments and needs. ZenOSS is not mentioned, but is no slouch & worth checking as well.
Mirrored port plus WireShark always does the trick. AlienVault's Ossim is also a great piece of software. It also does Snort (for attack detection), inventory and nice diagrams for CEO-s or other non-technical staff. Oh, and it is great for syslog collelcting/analysing.
Thanks. Have a great day !!!
Splunk is furthest along the line to consolidate everything. It has a free version which remain free for smaller environments and needs. ZenOSS is not mentioned, but is no slouch & worth checking as well.
Mirrored port plus WireShark always does the trick. AlienVault's Ossim is also a great piece of software. It also does Snort (for attack detection), inventory and nice diagrams for CEO-s or other non-technical staff. Oh, and it is great for syslog collelcting/analysing.
Thanks. Have a great day !!!