Y
Hacker News
new
|
ask
|
show
|
jobs
by
andrewstuart2
3651 days ago
Ideally you use a mirror port so that all traffic being routed also gets sent to the SecurityOnion services for automated analysis, reporting, and alerts (depending on how SO is configured).
1 comments
awqrre
3650 days ago
Would it be efficient to create iptables rules to mirror traffic on a router that doesn't have a mirroring port?
link