Technical Tip: Sniffer – differences between 'one-armed sniffer' and 'packet sniffer'
Description
This article explains the difference between 'one-armed sniffer' and 'packet sniffer'.
Solution
This article explains the difference between 'one-armed sniffer' and 'packet sniffer'.
Solution
'One-arm sniffer' or 'One-armed sniffer' defines an inspection mode that is uses a FortiGate appliance to alert upon threats (working in IDS mode).
This mode is described in detail in this document:
'Sniffer' or 'Packet sniffer' is a term derived from the CLI command that is used to capture the packets that pass over the FortiGate.
A more accurate description is a 'packet capture'.
A similar operation can be performed from GUI, with less filters available.
Related Articles
Technical Tip: How to Configure One-Armed IDS/IPS Configuration
Troubleshooting Tool: Using the FortiOS built-in packet sniffer