Improving Passive Packet Capture: Beyond Device Polling

New WAF attack timelines show the start and end of a threat.
No more logs. See how →

Passive packet capture is necessary for many activities including network debugging and monitoring. With the advent of fast gigabit networks, packet capture is becoming a problem even on PCs due to the poor performance of popular OSs. The introduction of device polling has improved the capture process quite a bit but not really solved the problem.

This paper proposes a new approach to passive packet capture that combined with device polling further improves it and allows, on fast machines, packets to be captured at (almost) wire speed.

Download the paper in PDF format here.

Are you protecting your users and sensitive O365 data from being leaked? Learn how Specops Authentication for O365 can help.