Tapping into the Cloud

Share on facebook
Share on twitter
Share on linkedin
When customers need to troubleshoot their cloud-based applications, they reach for two things: Wireshark and a Network Tap.

When customers need to troubleshoot their cloud-based applications, they reach for two things: Wireshark and a Network Tap. Wireshark’s open source network protocol analyzer capability allows users to decode packet communication through their networks to identify problem areas. Inserting a network tap between the Carrier demarc and local firewall provides customers with access to their data without relying on port mirroring techniques or incurring costly downtime.

An independent school supporting several e-learning initiatives encountered a problem with DHCP on their cloud-managed wireless network. Information technology consulting firm CVM, Inc., a Datacom Systems partner, was dispatched to examine the issue. The customer informed CVM, Inc. that the packet capture tool built into their wireless devices was being disrupted by a malfunctioning HSRP which would occasionally “break”. As the tool was still in beta, solutions were limited.

CVM’s initial plan was to simply mirror the WAN uplink port on the customer’s core switch, set a connected laptop’s NIC to promiscuous mode to capture all broadcast traffic, regardless of vLAN, and submit the findings to support. However, all ports on the core switch were in use, and the downtime required to make the necessary wiring and configuration changes was not acceptable to the customer.

Taking these restrictions into consideration, CVM selected the Datacom Systems  CTP-1000 network tap. The CTP-1000 was installed between the core switch and the customer’s firewall without displacing an occupied port, and installation incurred only seconds of downtime during off-hours.

With the tap in place, CVM was able to generate the appropriate PCAPs using Wireshark and send the data to vendor support. Ultimately, the problem lay with a corrupted configuration on one of the wireless access points. 

Due to the ease of insertion into the existing infrastructure, CVM used the CTP-1000 as a mobile tool, shortening the time required to gather the appropriate information not only from the core switch to firewall uplink, but the trunk ports servicing the damaged Wireless Access Point  as well. 

Initially, the customer was concerned about introducing a single point of failure with the tap. This apprehension was eliminated by identifying the CTP-1000’s redundant power supplies and graceful failover features that ensured connectivity would not be lost, even if the tap failed. Since installation and the resolution of their problem, the customer has decided to leave Datacom Systems  CTP-1000 network tap in line between the core switch and the firewall, maintaining a convenient entry point into all ingress and egress traffic in the future.

Recent Posts

Cloud Security
Cloud Computing

Cloud Security – Is your Data Safe?

On March 4th, 2021, the Infosec and compliance firm Qualys, a member of the Forbes 100 and a provider of security auditing services to over 10,000 customers globally, experienced an attack by a Clop Ransomware zero-day exploit target affecting the Accellion FTA server – a legacy file transfer technology. Many other companies were also targeted, but Qualys has stated that no ransomware was installed in their system, nor was there any request for payment received.

Read More »
Network Management & Architecture

Get improved visibility into high speed network connections

The FTP-1516 can reduce the total cost of implementing a monitoring solution by allowing a 40G link to be monitored without using expensive 40G ports. The FTP-1516 allows you to leverage existing 10G monitoring ports and can be a cost effective alternative to upgrading to a 40G monitoring solution.

Read More »
dsi_logo_new_bkg_white

We'll be Glad to Help You

For the latest information, product updates, and to check the status of your service agreement, please contact our support team