Overview
An Exinda appliance can operate out-of-path or ON-LAN mode with any hub or switch that supports port mirroring or SPAN ports. Use this topology when you need to monitor traffic without installing the Exinda appliance inline.
The Exinda appliance monitors and reports on all applications present on the SPAN/Mirror port. It enables regular network audits and provides great flexibility in restricted and complex network environments.
Topology diagram showing how to cable MGMT and Mirror ports for Mirror/SPAN port monitoring:
This article explains the tasks to be performed to configure Mirror/SPAN port monitoring as seen below:
Contents
- Configuring Mirror Port Mode.
- Enabling Mirror/SPAN Traffic Monitoring.
- Configuring Internal Subnets as Internal Network Objects.
Process
Step 1: Configuring Mirror Port Mode
- Before enabling Mirror/SPAN port monitoring, you must configure a switch port to mirror traffic to an unused port cabled to the Exinda appliance.
- Alternatively, you can deploy a network hub in-path and directly cable the Exinda appliance to the hub. A hub, by design, mirrors all traffic to all ports.
- Any port not enslaved to a bridge or in use for another function, for example, cluster or WCCP, may be used to receive mirror port or SPAN port traffic.
Step 2: Enabling Mirror/SPAN Traffic Monitoring
- You can enable the SPAN/Mirror port on an interface to monitor the type of traffic.
- Refer to the article: Enabling Mirror/SPAN Traffic Monitoring for the step-by-step process.
Step 3: Configuring Internal Subnets as Internal Network Objects
- For the Exinda appliance to determine traffic direction, all internal subnets should be defined as Internal Network Objects.
- Refer to the article: Configuring Internal Subnets as Internal Network Objects for more details.
Confirmation
After enabling Mirror/SPAN monitoring and defining the appropriate Internal Network Objects, the Exinda appliance monitors traffic received on the Mirror/SPAN receiving port as if it were inline.