 - Port mirroring, also known as a roving analysis port, is a method of monitoring network traffic that forwards a copy of each incoming and outgoing packet from one port of a network switch to another port where the packet can be studied. A network administrator uses port mirroring as a diagnostic tool or debugging feature, especially when fending off an attack. It enables the administrator to keep close track of switch performance and alter it if necessary. Port mirroring can be managed locally or remotely.
An administrator configures port mirroring by assigning a port from which to copy all packets and another port where those packets will be sent. A packet bound for or heading away from the first port will be forwarded onto the second port as well. The administrator places a protocol analyzer on the port receiving the mirrored data to monitor each segment separately. The analyzer captures and evaluates the data without affecting the client on the original port.
The monitor port may be a port on the same SwitchModule with an attached RMON probe, a port on a different SwitchModule in the same hub, or the SwitchModule processor.
Port mirroring can consume significant CPU resources while active. Better choices for long-term monitoring may include a passive tap like an optical probe or an Ethernet repeater.
 |
Learn more about Network Security Monitoring and Analysis |
| Integrating NAC with network security tools: Integrating NAC solutions with other network security functions can produce a more complete user identity to strengthen every policy across the network. |
| NagVis -- 'Nagios: System and Network Monitoring, Second Edition,' Chapter 18: Learn to install, configure and create visual NagVis1 maps for your Nagios Web interface with Chapter 18 of "Nagios: System and Network Monitoring, 2nd Ed." |
| Visual Security Analysis -- 'Applied Security Visualization,' Chapter 5: Visual Security Analysis, Chapter 5 of the book 'Applied Security Visualization,' shows different ways of analyzing security data using visual approaches. |
| Network Infrastructure -- Chapter 9 of "Hacking for Dummies": This chapter will help you select tools, scan network hosts, assess security with a network analyzer, and prevent denial-of-service and infrastructure vulnerabilities. |
| Top expert Q&As of 2006: View the top five Q&As from our group of elite experts in 2006. Topics covered include: network admin & mgmt, security, routing and switching, certs, IPv6 and wireless networking. |
| LAST UPDATED: |
17 Apr 2007
|
 |
Do you have something to add to this definition? Let us know.
Send your comments to techterms@whatis.com
|
|
Show me everything on 
