[Bro] cFlow 10G headend
Mike Waite
mfw113 at psu.edu
Tue Sep 7 14:55:04 PDT 2010
I am looking for someone that has successfully deployed the cFlow 10G as a headend in their cluster.
The box looks pretty simple to setup, not a whole bunch of settings in there to really mess with, but I am not seeing the results that I was expecting. After setting up the MAC addresses on the worker nodes NICs in the appliance I am still seeing all the traffic on all interface on all the worker nodes, not just the traffic destined to mac address of the workers NIC that entered in the maccfg page. Is there some other simple setting that I am missing?
Thanks
--
Michael Waite
Enterprise Security Analyst
Enterprise Information Privacy and Security Services (EIPSs)
Security Operations and Services (SOS)
Information Technology Services (ITS)
The Pennsylvania State University (PSU)
Direct Telephone: 814-865-2297
ITS-SOS Telephone: 814-863-9533
ITS-SOS E-Mail: security at psu.edu
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 553 bytes
Desc: OpenPGP digital signature
Url : http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20100907/3277aead/attachment.bin
More information about the Bro
mailing list