|
Installation
& Deployment
Ax3soft Sax2 can monitor
and analyze the data transmitted in intranet and/or between intranet
and extranet, or over VLAN; however, only with correct installation
and configuration can the program work properly. The following sections
introduce how to install and configure Ax3soft Sax2 in different
network environments, including shared network and switched network.
A. Sharing networks - connect the Internet
through the Hub
B. Switched network - switches with management functions (port mirroring)
C. Switched network- switches without
management functions (no port mirroring)
-- The use of network-connector
(Taps)
-- Use Hub (Hub)
D. Monitoring a
network segment
|
|
Sharing networks - Connect the Internet through
the Hub
A shared network is also known as hubbed network which is connected
with a hub.
Hubs are commonly used to connect segments of a LAN. When a packet
arrives at one port, it is copied to the other ports so that all
segments of the LAN can see all packets. A passive hub serves simply
as a conduit for the data, enabling it to go from one device (or
segment) to another. So-called intelligent hubs include additional
features that enable an administrator to monitor the traffic passing
through the hub and to configure each port in the hub. Intelligent
hubs are also called manageable hubs. A third type of hub, called
a switching hub, actually reads the destination address of each
packet and then forwards the packet to the correct port.
With a shared environment, Ax3soft Sax2 can be installed on any
host in LAN. The entire network data transmitted through the Hub
will be captured, including the communication between any two hosts
in LAN.
Topology illustration
1:
|
|
Switched network - Switches
with management functions (port mirroring) Switch
is a network device working on the Data Link Layer of OSI. Switch
can learn the physical addresses and save these addresses in its
ARP table. When a packet is sent to switch, switch will check the
packet’s destination address from its ARP table and then send the
packet to the corresponding port.
Generally all three-layer switches and partial two-layer switches
have the ability of network management; the traffic going through
other ports of the switch can be captured from the debugging port
(mirror port/span port) on the core chip. To analyze the traffic
going through all ports, Ax3soft Sax2 should be installed on this
debugging port (mirror port/span port).
The following table presents the advantages and disadvantages
of using a switch with mirror port.
|
Advantage |
Disadvantage |
- No additional facility required
- No need to change network topology
|
- Occupies a switch port
- Possible influence to network transmission
performance when meeting huge traffic
|
Topology illustration
2:
|
|
Switched network - switches
without management functions (no port mirroring)
If your switch has
no management function, you can:
-
the use of network-connector (Taps)
Taps can be flexibly
placed on any line in network. When the requirement for network
performance is very high, you can add a tap to connect your
network. The following table presents the advantages and disadvantages
of using a tap.
|
Advantage
|
Disadvantage
|
-
No
influence to network transmission performance
-
No interference with data stream and raw data
-
Does
not occupy IP address, free from network attacks
-
No need to change network topology
|
|
Topology illustration 3:
|
|
Monitoring a network segment
In the case when you only need to monitor the traffic in a network
segment (e.g. Finance department, Sales department, etc.), you can
connect the server on which Ax3soft Sax2 is installed and the network
segment with a exchange facility. The exchange facility can be hub,
switch or proxy server.
Topology illustration 5:
|
