IMC/NTA: sflow based security analysis?

MichaelM55 · ‎09-22-2012

Hi,

I´m testing sflow collectors with basic security analysis features.I´m asking myself whether those mske sense, i.e. with sflow rates of 1/1000, will this actually work correctly?

If it does it would be great if I could activate this also on all edge ports. So 27000 ports.

1. Will all HP stackable A-series switches be able to do this?

2. What kind of monster server will I need for sflow analysis?

Having IMC already, so let´s talk about NTA. I haven´t found anything about security analysis with that. I´m asking myself whether those are on roadmap?

Richard Litchfield · ‎09-28-2012

You will probably want to check on the licensing too. Part of the NTA licence is that NTA is licenced per active device - with 27000 ports, it seems like you would have over 500 switches (devices)...

IMC is scalable, so you probably need lots of servers, rather than a single monster one.

Peter_Debruyne · ‎01-09-2013

Hi,

I heard about another IMC module UBA (User behavior analysis) which is supposed to analyze the sflow flows for security behaviors. But have no experience with it myself.

NTA can be installed on a dedicated server for performance reasons, the admin guide contains some hardware guidelines I believe,

regards,Peter

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

IMC/NTA: sflow based security analysis?

IMC/NTA: sflow based security analysis?

Re: IMC/NTA: sflow based security analysis?

Re: IMC/NTA: sflow based security analysis?