As monitoring engineers the tech team at Prosperon always face new challenges when SolarWinds users ask us how to deal with specific issues or security threads that occur on their network. As an example, one of them asked us how we could monitor if there was a Mac Address flood attack on their network.
When we tried the first time to come up with a method to monitor the MAC address table spaces available (that would alert us when there is a MAC flooding attack) our first thought was to use SNMP in order to get the number of available MAC addresses in the MAC address table. Sadly, even though it was a nice idea, this is something that is not usually available in the SNMP MIB files of the network devices.
We didn't give up however and the second thought we had was to try to mimic the way we monitor this metric in real world. The way we normally do it is by executing a command in the CLI which returns this value......
(Click on the link to keep reading)
Installation | Consultancy | Training | Licenses