This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

UDT Port Selection Criteria

UDT Port selection seems to allow you to monitor physical, virtual interfaces, unknown and trunk, access and unknown. I want to understand better want should be selected for monitoring.

Is there any value in monitoring or inventorying vlans and port-channels? Does anyone monitor devices other than switches and routers?

Thanks

Wes

  • I only monitor our switches with UDT. Since UDT is used to detect rogue devices that physically connect to your network, I don't monitor routers or firewalls with it. Most building have ethernet wall outlets which anyone walking by could plug in and start snooping around. On the other hand,if you have a rogue device physically connecting to a router or firewall then you have bigger issues to worry about haha.

    We don't use vlans or port-channels yet in our infrastructure as we don't have the need currently, but I don't see a need to monitor them. Again, UDT is monitoring physical ports so VLANs and port-channels wouldn't be ideal in my opinion. 

  • I agree with this. I only monitor ports on switches. I ignore vlan's, uplinks etc.