Home
Deploy Airwall™
Successfully deploy and configure the Airwall solution and revolutionize security on your network.
Integrate Third-party Services
How to integrate the Airwall Solution with third-party services.
Mirror traffic from your Airwall Gateways to a packet analyzer tool
You can mirror traffic from your Airwall Gateways to allow common packet analyzer/visibility tools (like Nozomi or Wireshark) to see what’s going on in your Airwall secure network.
Mirror Traffic to a Local Device destination (Recommended Way)
The recommended way to mirror traffic is to send the traffic to a local device for your packet analyzer.
Set up security for mirrored traffic
Protect your mirrored traffic.

Set up security for mirrored traffic

Protect your mirrored traffic.

Because your packet analyzer can be a back door to sensitive information about your network (impacting your Airwall secure network invisibility), you need to set up security policies to limit access to your packet analyzer and mirrored traffic so that only trusted devices can access it.

CAUTION: It is a best practice to keep all of the information being sent to your packet analyzer within the Airwall secure network. Since you are essentially making a copy of potentially-sensitive overlay traffic and decrypting it for the packet analyzer, there is a risk of exposure if your packet analyzer is compromised, not secured, or if the network information you are capturing is sent over an unsecured network. You can secure the packet analyzer management interface within the Airwall secure network, with access to the interface limited to authorized personnel.

Diagram showing the flow of mirrored traffic from Mirror Sources to the Mirror Destination, with the packet analyzer within the Airwall secure network, accessed remotely and securely