Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

How to guarantee the completeness of audit records without any loss of packet?

audit completeness guarantee loss packet records
0
10 Posted

How to guarantee the completeness of audit records without any loss of packet?

0 CommentsAdd a Comment

1 Answer

0
10

Completeness of recording data is guaranteed from the following two aspects in SA: a. SAS works in line as a transparent proxy and its impossible for any packet to bypass SAS or to be dropped. For those sniffer-like products, loss of a single packet might lead to failure of audit to whole session. b. SAS is designed to collect and forward packets only. The complicated protocol analysis and audit are left to SAD which works off-line and wont impact the network performance at all.

0 CommentsAdd a Comment
What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.

Experts123