Sometimes when you’re troubleshooting a network problem, you need to look at the packet data. It could be to find security threats or investigate strange network behavior. One of the common ways to capture packet data is with SPAN ports. But with the data deluge found on today’s networks and infrastructure, you can easily run into problems analyzing the packets captured using a SPAN. TCP sequence gaps are one problem that can result from capturing using SPANs.
In this post, let’s get into more about what a SPAN port is. Also, you’ll find out how different capture methods using SPAN can lead to TCP analysis problems and how you can reduce their occurrence.
Continue reading “Why SPAN Port is Bad for Packet Captures”
Security should be top of mind these days. I wrote an article years ago about three lessons you can learn from doing a network security analysis. Taking the appropriate steps is even more crucial now than then.
But how do you protect your organization when you need to help troubleshoot an application problem and need to capture packets? In this post, let’s talk about how you can go about doing that.
Continue reading “How to Prevent Capturing Data for Security Reasons”
You just got a call about an application slowness issue. You’ve been told that it’s not an application issue and that it must be somewhere on the network.
When you need to capture some data, for whatever reason, one question that inevitably comes up is where you should capture. What’s the best location for a packet capture? That’s a good question to ask yourself.
If you don’t, you should be. So let’s talk about that now.
Continue reading “Where is the Best Location for a Packet Capture?”