| Popis: |
Security is one of the most important aspects in networks which sometimes need network monitoring and measurement tools to identify the source of misbehavior and performance degradation. Monitoring and measurement tools promise to provide critical functions including an early detection of a Denial of Service (DoS) attack. To ensure the internal security of those tools, they must also be evaluated. This paper analyses two networking monitoring and measurement tools: sFlow (open source) and BigTap (commercial), by applying the STRIDE threat model. This paper concludes that sFlow relies on the correct configuration of the agent and that the deployment environment must be properly secured. BigTap comes with several security mechanisms, however, other mechanisms are required to improve its security. |
