Database Security Products (MOSC)

MOSC Banner

AVDF - Is using bonding as Out-of-Band monitoring point supported in 20.8?

in Database Security Products (MOSC) Question

Hello,

Does AVDF 20.8 support bonding feature on ports used for packet sniffing (i.e. Out-of-Band monitoring points)?

We know bonding is available on AVDF appliance but documentation is not clear whether it can be used for sniffing packets. The fact that one need to provide IP address for "config-bond" script - seems to suggest that intended use of it was only for communication between appliance, Audit Vault Server, agents, etc. - but not for passive packet monitoring.

On the other hand, when we create monitoring point for single target - we can only use single interface on any Firewall. Which means that if we need to sniff packets from multiple switches - we need multiple firewalls - which is weird. Moreover if target uses multiple switches for communication - for example because it uses bonding itself - we need to somehow mirror and aggregate this traffic before sniffing it on firewall. This can be done using ERSPAN - if LAN technology support this - but it could be also done on firewall itself using bonding.

Howdy, Stranger!

Log In

To view full details, sign in to My Oracle Support Community.

Register

Don't have a My Oracle Support Community account? Click here to get started.

Category Leaderboard

Top contributors this month

Instructions for posting

×

1. Select a discussion category from the picklist.


2. Enter a title that clearly identifies the subject of your question.


3. In the body, insert detailed information, including Oracle product and version.


Please abide by the Oracle Community guidelines and refrain from posting any customer or personally identifiable information (PI/CI).


Cloud / Fusion customers - Our Cloud community has moved! Please go to Cloud Customer Connect .


New to My Oracle Support Community? Visit our Welcome Center

MOSC Help Center