A network monitoring and management technology called sFlow may not be the most widely-known IETF draft standard, but its proving to be a versatile tool for some network managers.
RFC 3176, known as sFlow, is an embedded MIB technology on some brands of network switches which allows users to view network traffic as if they had a probe installed on every port on the device. SFlow works by taking random samples of network traffic from all ports, then running the samples through an algorithm to generate a complete network map, which is updated in real time.
In addition to using sFlow as a network management tool, it can also be used as a way to detect network intrusions, such as unauthorized NAT devices - like WLAN hubs - that may be on a network. Peter Phaal, an engineer at InMon Corp, which makes sFlow-based hardware and software products, wrote a detailed document on this security technique.
Find out how to use sFlow to detect rogue WLAN end points:
www.sflow.org/detectNAT/
More on sFlow in general:
www.sflow.org
Post a comment
|
Does Verizon's Voyager stack up to the iPhone? |
5 IT skills that won't boost your salary 
[1,407]
Women 4 times more likely than men to cough up personal info [589]
Japan's 10 funniest tech-related commercials [Videos] [407]
Throwing away a promo CD is "unauthorized distribution"? [1,265]
Adults too quick to dismiss educational video games [682]
Attack of the iPhone clones [Slideshow] [578]
10 things IT needs to know about AJAX [1,258]
This Year's 25 Geekiest 25th Anniversaries [Slideshow] [409]
