|
Installation & Deployment Ax3soft Sax2 can monitor and analyze the data
transmitted in intranet and/or between intranet and extranet, or over VLAN;
however, only with correct installation and configuration can the program
work properly. The following sections introduce how to install and configure
Ax3soft Sax2 in different network environments, including shared network and
switched network.
A. Sharing networks - connect the
Internet through the Hub B. Switched network - switches with management functions (port mirroring) C. Switched network- switches without
management functions (no port mirroring)
-- The use of network-connector (Taps) -- Use Hub (Hub) D. Monitoring a
network segment E.
Proxy server to share Internet |
|
 Sharing
networks - Connect the Internet through the Hub
A shared
network is also known as hubbed network which is connected with a hub.
Hubs are commonly used to connect segments of a LAN. When a packet arrives at
one port, it is copied to the other ports so that all segments of the LAN can
see all packets. A passive hub serves simply as a conduit for the data, enabling
it to go from one device (or segment) to another. So-called intelligent hubs
include additional features that enable an administrator to monitor the traffic
passing through the hub and to configure each port in the hub. Intelligent hubs
are also called manageable hubs. A third type of hub, called a switching hub,
actually reads the destination address of each packet and then forwards the
packet to the correct port.
With a shared environment, Ax3soft Sax2 can be installed on any host in LAN. The
entire network data transmitted through the Hub will be captured, including the
communication between any two hosts in LAN. Topology illustration 1:
|
|
Switched network - Switches with management functions
(port mirroring) Switch is a network device working on the Data
Link Layer of OSI. Switch can learn the physical addresses and save these
addresses in its ARP table. When a packet is sent to switch, switch will check
the packet’s destination address from its ARP table and then send the packet to
the corresponding port. Generally all three-layer switches and partial two-layer switches have the
ability of network management; the traffic going through other ports of the
switch can be captured from the debugging port (mirror port/span port) on the
core chip. To analyze the traffic going through all ports, Ax3soft Sax2 should
be installed on this debugging port (mirror port/span port). The following table presents the advantages and disadvantages of using a
switch with mirror port. | Advantage | Disadvantage | - No additional facility required
- No need to change network topology
| - Occupies a switch port
- Possible influence to network transmission performance when
meeting huge traffic
|
Topology illustration 2: 
|
|
Switched network - switches without management
functions (no port mirroring)
If your switch has
no management function, you can: the use
of network-connector (Taps) Taps can be flexibly placed on
any line in network. When the requirement for network performance is very
high, you can add a tap to connect your network. The following table
presents the advantages and disadvantages of using a tap.
Advantage | Disadvantage | No influence to network transmission performance No interference with data stream and raw data Does not occupy IP address, free from network attacks No need to change network topology
| |
Topology illustration 3:
|
|
Monitoring a network segment In the case when you only need to
monitor the traffic in a network segment (e.g. Finance department, Sales
department, etc.), you can connect the server on which Ax3soft Sax2 is installed
and the network segment with a exchange facility. The exchange facility can be
hub, switch or proxy server. Topology illustration 5:
|
|
Proxy server to share Internet If it is on the Internet through a proxy server, will install Sax2 on to a proxy
server. Topology illustration 6: 
|
