Abstract: 100G Open Source Network Monitoring with Bro and Time Machine

Presenter(s): Vincent Stoffer, Lawrence Berkeley Lab

As our high-speed networks have become vital tools for enhancing academic and scientific discoveries, the race toward bigger pipes and faster connections continues. With these exponential changes to our core and border networks, institutions need to plan for similar adjustments to their monitoring infrastructure.

This presentation will discuss LBL’s recent evaluation, purchase and deployment of 100G tap aggregation hardware and provide recommendations for handling large traffic volumes with open source network monitoring software (especially Bro). We will also discuss Time Machine, the open source full packet capture solution we use at LBL, which offers a number of benefits over commercial full packet capture solutions at a fraction of the price.