Active Logical Link Mapping
Definition
Active logical link mapping sends and receives network traffic as a means to map the whole data link layer, where the links represent logical data flows rather than physical connection
How it works
Active logical link mapping establishes awareness of logical links in the network by sending data over the network to gather information about logical connections in the network.
Typically this will be achieved through network telemetry coordinated for network management and monitoring and will use a link layer discovery protocol such as LLDP and the information gathered and aggregated a higher levels using an application protocol such as SNMP. The information may be polled by network management softare or configured once and then pushed from network sensors (or agents.)
Another means of establishing network connectivity is by means of sendingn traffic through the use of a tool such as traceroute, to determine the logical paths through the network architecture.
Considerations
- Best practice is to encrypte network monitoring data and require authentication for queries or admin/management functions.
- Push notifications reduce bandwidth necessary to capture and maintain information if reliable transport is used.
- Special consideration should be made before using of active scanning in OT networks and OT-safe options chosen where available.
References
The following references were used to develop the Active Logical Link Mapping knowledge-base article.
(Note: the consideration of references does not imply specific functionality exists in an offering.)