Router IP Traffic Export is used to export packets to a VLAN or LAN interface for analysis.  The primary use for RITE is for IDS (Intrusion Detection Systems) implementations where duplicated traffic can indicate an attack on the network.  In actual instances where identical traffic is received on multiple ports of a router, the router forwards those packets to an IDS for alerting and analysis…this is what RITE does.

When you setup RITE, you configure it to send packets to the predefined MAC address of the IDS server.  You can setup forwarding of this traffic in, out, or both and you can filter on this using ACLs.




Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s