Cisco Network Analysis Module

It pays to subscribe to trade magazines like Network Computing. Today I read Sean Doherty's Cisco Integrated Services Routers: When Routes Converge. Although his article was a useful introduction to two of Cisco's new products, he mentioned the Cisco Network Analysis Module. I had never heard of such a product. I should have, since Greg Shipley wrote about it in his 2002 article Cisco's Network Analysis Module Fills Monitoring Gap for Switched Networks. Greg's article, as well as Cisco's documents, are fascinating to those of us responsible for monitoring networks.

The device pictured above is the Cisco Catalyst 6500 Series NAM (NAM-1 and NAM-2), a blade for your Catalyst switch. Pictured at right is the Cisco Branch Routers Series Network Analysis Module (NM-NAM), a module for your Cisco router. The blade and module are embedded PCs that collect and present traffic and statistics on network operation. The picture shows the 20 GB HDD present in the module.

You can collect and analyze a wide variety of information via the embedded Web browser offered in the NAM. For example, the screen at left shows real-time packet capture of traffic through a Catalyst switch. I think this is absolutely incredible. As Greg reports, "using the NAM, administrators can select ports, Etherchannels or VLANs on the switch to monitor, and send data directly to the NAM blade for inspection. The NAM is unique because the monitored traffic moves directly onto the blade from the Catalyst backplane, is analyzed, and can then be viewed simply by using the embedded Web interface."

If anyone at Cisco is reading this, I would love to install a NM-NAM in my 2651XM router to test its functionality. This is just the sort of device that would make a great addition to my next book. If anyone uses these devices, please feel free to comment on them below.

Comments

Popular posts from this blog

Zeek in Action Videos

New Book! The Best of TaoSecurity Blog, Volume 4

MITRE ATT&CK Tactics Are Not Tactics