How to build yourself a nBox Probe and Packet Recorder

Posted · Add Comment

If you need a network probe or a packet recorder you have two options. Grab a turn-key nBox or built it yourself using our software. In the first case you will receive a optimised system, with the right motherboard/CPU/NIC for your monitoring tasks and all software preinstalled/configured. However if you want to build yourself your nBox (e.g. you can reuse an old/spare server or get a new one if you plan to address 10 Gbit monitoring) you can now do it. Below we will describe how to build it step by step:

Hardware

  • Sandy-Bridge (or better)-based motherboard such as X9SLC.
  • Intel E3 or E5 CPU (both CPUs with the above motherboard can do 10 Gbit NetFlow and packet-to-disk).
  • At least 4 GB of RAM.
  • A DNA-aware card.
  • RAID controller and at least 8 x 10k RPM drives (for packet to disk only, not needed for flow monitoring).

Software

  • Ubuntu Server x64 LTS. This is our favourite distribution.
  • If you prefer CentOS/RedHat you can also use CentOS Server 6.x x64. We also support CentOS but to date we have not yet ported the nBox package to CentOS and thus you need to use it from the command line.

Once you have configured the machine and installed the base operating system, depending on your OS go to:

and follow the instructions. In essence we have created an APT and YUM repository so you can use it in your favourite distro.

At this point your nbox in configured and you can point your browser to http://<your nbox IP> for accessing the nBox management interface.

For more information please refer to the nBox documentation and in particular: