What would you use in order to accomplish this?

You are responsible for network monitoring and need to monitor traffic over a routed network from a remote source to an IDS or IPS located in the headquarters site. What would you use in order to accomplish this?

You are responsible for network monitoring and need to monitor traffic over a routed network from a remote source to an IDS or IPS located in the headquarters site. What would you use in order to accomplish this?

A.
VACLs and VSPAN

B.
RSPAN

C.
ERSPAN

D.
NetFlow

Explanation:
ERSPAN supports source ports, source VLANs, and destinations on different switches, which provides
remote monitoring of multiple switches across your network (see Figure 66-3). ERSPAN uses a GRE
tunnel to carry traffic between switches.
ERSPAN consists of an ERSPAN source session, routable ERSPAN GRE-encapsulated traffic, and an
ERSPAN destination session. You separately configure ERSPAN source sessions and destination
sessions on different switches.
To configure an ERSPAN source session on one switch, you associate a set of source ports or VLANs
with a destination IP address, ERSPAN ID number, and optionally with a VRF name. To configure an
ERSPAN destination session on another switch, you associate the destinations with the source IP
address, ERSPAN ID number, and optionally with a VRF name.
ERSPAN source sessions do not copy locally sourced RSPAN VLAN traffic from source trunk ports that
carry RSPAN VLANs. ERSPAN source sessions do not copy locally sourced ERSPAN
GRE-encapsulated traffic from source ports.
Each ERSPAN source session can have either ports or VLANs as sources, but not both.
The ERSPAN source session copies traffic from the source ports or source VLANs and forwards the
traffic using routable GRE-encapsulated packets to the ERSPAN destination session. The ERSPAN
destination session switches the traffic to the destinations.



Leave a Reply 0

Your email address will not be published. Required fields are marked *