Sometimes when you’re troubleshooting a network problem, you need to look at the packet data. It could be to find security threats or investigate strange network behavior. One of the common ways to capture packet data is with SPAN ports. But with the data deluge found on today’s networks and infrastructure, you can easily run into problems analyzing the packets captured using a SPAN. TCP sequence gaps are one problem that can result from capturing using SPANs.
In this post, let’s get into more about what a SPAN port is. Also, you’ll find out how different capture methods using SPAN can lead to TCP analysis problems and how you can reduce their occurrence.
Continue reading “Why SPAN Port is Bad for Packet Captures”