Installation & Deployment

Ax3soft Sax2 can monitor and analyze the data transmitted in intranet and/or between intranet and extranet, or over VLAN; however, only with correct installation and configuration can the program work properly. The following sections introduce how to install and configure Ax3soft Sax2 in different network environments, including shared network and switched network.

 

A. Sharing networks - connect the Internet through the Hub

B. Switched network - switches with management functions (port mirroring)

C. Switched network- switches without management functions (no port mirroring)

  -- The use of network-connector (Taps)

  -- Use Hub (Hub)

D. Monitoring a network segment

   

Sharing networks - Connect the Internet through the Hub

A shared network is also known as hubbed network which is connected with a hub.
Hubs are commonly used to connect segments of a LAN. When a packet arrives at one port, it is copied to the other ports so that all segments of the LAN can see all packets. A passive hub serves simply as a conduit for the data, enabling it to go from one device (or segment) to another. So-called intelligent hubs include additional features that enable an administrator to monitor the traffic passing through the hub and to configure each port in the hub. Intelligent hubs are also called manageable hubs. A third type of hub, called a switching hub, actually reads the destination address of each packet and then forwards the packet to the correct port.
With a shared environment, Ax3soft Sax2 can be installed on any host in LAN. The entire network data transmitted through the Hub will be captured, including the communication between any two hosts in LAN.

Topology illustration 1:

   Switched network - Switches with management functions (port mirroring)

Switch is a network device working on the Data Link Layer of OSI. Switch can learn the physical addresses and save these addresses in its ARP table. When a packet is sent to switch, switch will check the packet’s destination address from its ARP table and then send the packet to the corresponding port.

Generally all three-layer switches and partial two-layer switches have the ability of network management; the traffic going through other ports of the switch can be captured from the debugging port (mirror port/span port) on the core chip. To analyze the traffic going through all ports, Ax3soft Sax2 should be installed on this debugging port (mirror port/span port).

The following table presents the advantages and disadvantages of using a switch with mirror port.

Advantage Disadvantage
  • No additional facility required
  • No need to change network topology
  • Occupies a switch port
  •  Possible influence to network transmission performance when meeting huge traffic

Topology illustration 2:

 

 

             

  Switched network - switches without management functions (no port mirroring)

If your switch has no management function, you can:

  • the use of network-connector (Taps)

    Taps can be flexibly placed on any line in network. When the requirement for network performance is very high, you can add a tap to connect your network. The following table presents the advantages and disadvantages of using a tap.

    Advantage

    Disadvantage

    •  No influence to network transmission performance

    • No interference with data stream and raw data

    •  Does not occupy IP address, free from network attacks

    • No need to change network topology

    • High cost

    • Additional facility (tap) required

    •  Requires dual adapters

    • Can not connect Internet

    Topology illustration 3: 


  •  Use Hub (Hub)

    Working on share mode, hubs are applicable for small networks.

    Advantage

    Disadvantage

    •  Low cost

    • No need to be configured

    • No need to change network topology

    • Additional facility (hub) required

    • Interference to network transmission performance when meeting huge traffic

    • Not applicable for big networks

     

    Topology illustration 4: 

Monitoring a network segment

In the case when you only need to monitor the traffic in a network segment (e.g. Finance department, Sales department, etc.), you can connect the server on which Ax3soft Sax2 is installed and the network segment with a exchange facility. The exchange facility can be hub, switch or proxy server.

Topology illustration 5: