2 Replies Latest reply on Aug 27, 2015 2:39 PM by TheVMinator

    Traffic Inspection and Security Compliance

    TheVMinator Master

      I'm looking at options invovling traffic inspection using port mirroring on the virtual networking inside ESXi in order to assist with things like intrusion detection and identifying network traffic anomalies indicating potential security events.

       

      The question is, if I deploy a solution that performs this by becoming a destination port of a traffic mirroring session, are the gains I get by identifying anomalies and intrusion detection worth it, given the increased risks of the collector now receiving all the egress frames of VMs in my environment?

       

      Thoughts / opinions welcome.

       

      Thanks