Have you ever thought about your routers? I mean - *really* thought about them? They think all day long, processing all of the packets in and out of your company
PCs running almost any operating system can be configured with tcpdump or WinDump (with Wireshark or whatever GUI you'd care to hang in front of it) to do packet capture and analysis. But if the traffic you are trying to capture is halfway across the world (or maybe closer but still too far to drive), can you use your router to capture packets in a standard libpcap format?
As you've probably guessed, the answer is YES, or else there
The link for this article located at SANS is no longer available.