CAIDA Tool Taxonomy

I continue to research ways to capture information useful for network security monitoring. I found CAIDA's tools taxonomy helpful. RMON (Remote Monitoring) is one solution, especially since it can support full packet capture. (See the IETF charter, mailing list, and Cisco overview.) NetScout probes are a commercial option, although it seems ntop (mailing list) can be modified to collect RMON data. Cisco's NetFlow data appears useful. Competitors include sFlow and nFlow.

Comments

Popular posts from this blog

Zeek in Action Videos

New Book! The Best of TaoSecurity Blog, Volume 4

MITRE ATT&CK Tactics Are Not Tactics