Chapter 6. Capturing Network Traffic

Upon completion of this chapter,you will be able to perform the following tasks:

  • Describe the basic types of devices used to capture traffic for your IDS sensors

  • Explain the commands used to monitor network traffic using SPAN

  • Explain the difference between using SPAN and RSPAN

  • Explain the commands used to monitor network traffic using VACLs

  • Identify the steps used to define a VACL

At the network level, your Cisco intrusion detection system (IDS) sensors are the eyes of your intrusion protection system (IPS). But to detect intrusive activity, your sensors must be able to view the traffic that is traversing your network. Through its monitoring interface, each of your sensors examines the network traffic that it sees. ...

Get CCSP Self-Study: Cisco Secure Intrusion Detection System (CSIDS) now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.