Monday, May 26, 2003

CAIDA Tool Taxonomy

I continue to research ways to capture information useful for network security monitoring. I found CAIDA's tools taxonomy helpful. RMON (Remote Monitoring) is one solution, especially since it can support full packet capture. (See the IETF charter, mailing list, and Cisco overview.) NetScout probes are a commercial option, although it seems ntop (mailing list) can be modified to collect RMON data. Cisco's NetFlow data appears useful. Competitors include sFlow and nFlow.

No comments: