Digital Forensics, Incident Response, Troubleshooting, Compliance, and Deep Packet Inspection are important use cases for packet capture. However, as environments continue to adopt virtualized, cloud-based infrastructure, network security practitioners will find it necessary to understand the specific tactics and protocols available for use in each environment. This paper catalogs and details the state of packet capture in a hybrid infrastructure, including on-prem physical hosts, ESX, and public clouds AWS, Azure, and GCP.
