Here we are looking to do a Distributing Sniffer environment. We already
have an NAI solution with Matrix Switches and so on, but it's getting old
and NAI is not providing supports anymore for our solution, and the new
products are for Windows only and it's not scalable enough for us. We have
a fairly large network and I would like to use EtherReal on a PC to sniff
our Server Farm.
Here is the "Drafted" solution I was thinking of, I would like to exposed
it to you and hear what you are thinking of it.
Here is the first step I was thinking of.
I would like to install Linux on a PC with a couple of 100Mbs NIC card, 4
for now and one 10Mbs card for managment purpose.
Connect that PC on 4 Cisco 4000 switches.
The Goal of this is to allow multiple users to sniff multiple servers at
the same time.
Is EtherReal will be able to handle multitple simultaneous sessions ?
Will I lose some packets if the PC is heavily utilized ?
Should I use Linux on a PC or should look on a Sun workstation or whatever
plateform ?
Right now, money is not and issue and I am looking for a feasable and
flexible solution.
Is there anything I am missing ? or do I have the blessing of the EtherReal
folks ?
Thanks for giving ideas and appreciation.