- Community Home
- >
- Networking
- >
- IMC
- >
- IMC/NTA: sflow based security analysis?
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-22-2012 03:05 AM - edited 09-22-2012 03:12 AM
09-22-2012 03:05 AM - edited 09-22-2012 03:12 AM
IMC/NTA: sflow based security analysis?
Hi,
I´m testing sflow collectors with basic security analysis features.I´m asking myself whether those mske sense, i.e. with sflow rates of 1/1000, will this actually work correctly?
If it does it would be great if I could activate this also on all edge ports. So 27000 ports.
1. Will all HP stackable A-series switches be able to do this?
2. What kind of monster server will I need for sflow analysis?
Having IMC already, so let´s talk about NTA. I haven´t found anything about security analysis with that. I´m asking myself whether those are on roadmap?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-28-2012 07:42 PM
09-28-2012 07:42 PM
Re: IMC/NTA: sflow based security analysis?
You will probably want to check on the licensing too. Part of the NTA licence is that NTA is licenced per active device - with 27000 ports, it seems like you would have over 500 switches (devices)...
IMC is scalable, so you probably need lots of servers, rather than a single monster one.
- Tags:
- License
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-09-2013 06:34 AM
01-09-2013 06:34 AM
Re: IMC/NTA: sflow based security analysis?
Hi,
I heard about another IMC module UBA (User behavior analysis) which is supposed to analyze the sflow flows for security behaviors. But have no experience with it myself.
NTA can be installed on a dedicated server for performance reasons, the admin guide contains some hardware guidelines I believe,
regards,Peter