Hyper-V VM Question

HI all,

I'm interested in the NDR solution to add to our Sophos XDR setup.

I'm puzzled on one thing. If we setup a Hyper-V VM for the NDR solution and configure a virtual switch for packet capture, do we still need to configure a SPAN port on our physical core switch and connect that to the Hyper-V host too?

Sorry, this is a very dumb question.

Top Replies

LuCar Toni 17 days ago +1

Basically the answer is: It depends on your goal. You can monitor the traffic from your switch, or you bridge your SPAN Port into your VM. That is up to you. For maximal visibility, it would be good to…

0 LuCar Toni 17 days ago

Basically the answer is: It depends on your goal.
You can monitor the traffic from your switch, or you bridge your SPAN Port into your VM. That is up to you.
For maximal visibility, it would be good to mirror all traffic or only ports, interesting to you, to the VM.

__________________________________________________________________________________________________________________
Cancel
Vote Up +1 Vote Down

Sign in to reply

Verify Answer

Cancel