CPPCAP - Alternative to tcpdump on Gaia

_Val_
Admin

Are you still running standard Linux tcpdump on your Firewalls? Did you know it can cause high CPU utilization?

For better results, use CPPCAP, Check Point's specialized traffic capture utility. For more information, read this SecureKnowledge article: sk141412

3 Comments
s_milidrag
Contributor

Which tool is preferred: fw monitor or cppcap?

_Val_
Admin

It depends on the specific scenario. FW monitor shows you how traffic is passing through the FW kernel chains. CPPCAP and tcpdump are about how traffic looks on network interfaces. These two cases are linked but not identical.

HeikoAnkenbrand
Champion