I know it’s a stupid title. I’m a network engineer and also a security engineer, and I want to discover FPC in my company. The simple topology looks like this.
Clients will use a proxy for SSL decryption; it’s done by Palo Alto. So if users want to connect to the Internet, all the network packets will be mirrored to one interface. In the end, that computer will process all the packets coming from the interface. Now my question is: which is the best full packet capture tool, and why? One that takes less size and gives good output. Also, open source would be good.
- Moloch https://molo.ch/
- PRTG https://www.paessler.com/
- so on …