VMware Communities
iqworks
Contributor
Contributor

ESXi – how to use security onion to access my home/host network packets

   Hi, I am using ESXi 7. I uploaded an OVF of a security onion VM I created. I setup switch nd a port group. The goal is to monitor my home/host all network packets comming and going through my network.

I am using windows 10 and VMware Workstation 16 pro. I am using the ESXi hypervisor to support security onion.

  I think I am at the point where i just need to access my switch using security onion for port mirroring. How to monitor traffic with port mirroring the most efficient and latest way? 

  I looked at this "https://www.youtube.com/watch?v=XDHakAb91r4  14.50 ". This is were needs to use D-Link to make the connection from security onion to my host network. My question is, there must be other ways to setup this connection WITHOUT D-Link? 

  thanks for any advice or suggestions

Reply
0 Kudos
2 Replies
CarltonR
Hot Shot
Hot Shot

It would appear that this is unrelated to VMware products, as it relates to your 'local' network setup.

 

However, as an answer to your question, any network switch will do, as long as it supports 'port mirroring' (or Tap). . . so, as suggested in your linked video, check the manual for the one you have or intend to use.

Reply
0 Kudos
iqworks
Contributor
Contributor

Hi, thanks. i will look at what port i have that is for mirroring. 

Reply
0 Kudos