Such a dilemma, when it comes to Autonomous System NetFlow exports, which do you prefer: peer-as or origin-as?  If you don’t care about Autonomous System reports, you still just might find this post interesting.  I’ll try to keep you captivated!

Autonomous System
First of all, what is an Autonomous System? Within the Internet, an Autonomous System (AS) is a collection of connected Internet Protocol (IP) routing prefixes under the control of one or more network operators that presents a common, clearly defined routing policy to the Internet. A single ISP can support multiple Autonomous Systems Numbers (ASN). The ASNs supported by the ISP are advertised via their Internet router using the BGP Protocol. So what is BGP?

Read more »

Jon Mills
Marketing & Public Relations Manager
Follow Me On Twitter

We want to work in more Cisco BGP reporting in Scrutinizer NetFlow Analyzer and I need some help.  I need some NetFlow packet captures with BGP information. Can you send me one?

Read more »

Jon Mills
Marketing & Public Relations Manager
Follow Me On Twitter

For those of you that missed Plixer’s recent series of webinars, aimed at getting the most out of NetFlow using their latest and greatest NetFlow and sFlow analyzer, there is still hope. A recording of the webinar has been made available online for your viewing pleasure. Just click the image below to watch this 40 minute presentation.

Michael Patterson, Scrutinizer Product Manager, covered a range of topics in this traffic monitoring centric presentation.

Read more »

Jon Mills
Marketing & Public Relations Manager
Follow Me On Twitter

Plixer International, Inc., a leading global provider of network traffic monitoring and analysis tools, today announced that it has partnered with NTOP of Italy to launch Scrutinizer 7.7 with nProbe™ support for advanced flow-based monitoring to analyze client, server and application latency.  If the flow involves HTTP, the URL information can also be exported. Read more »

Jon Mills
Marketing & Public Relations Manager
Follow Me On Twitter

According to PGP Corporation and the Ponemon Institute, the average cost per security breach increased by $100K from 2008 to 2009, however the number of reported breaches dropped by 159. The reason for the drop in reportings is likely a result of training and awareness programs. Also, the use of encryption is up 44 percent over 2008.

The effort to prevent data loss is a top priority for many organizations. Identifying odd traffic patterns and suspicious data transfers has become a concern for many data security professionals. Flow Analytics, an add on to our NetFlow collector, allows administrators to detect odd traffic patterns, such as servers communicating to unauthorized hosts on the Internet.

A well constructed saved filter can provide the following:

Read more »

Jon Mills
Marketing & Public Relations Manager
Follow Me On Twitter

Mix Master Mitch is at it again. This week he’s at the FOSE trade show demonstrating our best at NetFlow network traffic analyzer.

Read more »

Jon Mills
Marketing & Public Relations Manager
Follow Me On Twitter

Scrutinizer v7.6 has been released with several best at NetFlow improvements for network traffic analysis. You will find the upgrade available for download now.

New Features include:

+ Flow View now has a Date Selector
+ Users can name their templates exported from flow devices
+ Time frames for 3, 7, and 30 days have been added to the date selector
+ Volume reports have an option to toggle rate vs. totals
+ A new LDAP wizard has been added to simplify LDAP and LDAPS configuration
+ More definition labels have been added for ICMP Traffic
+ NBAR descriptions will no longer be blank if no template has been received
+ Fixed issue when performing an SNMP update for a PC with nprobe installed
+ Users can now configure thresholds based on a per row or report total basis
+ A new report type of IP Next Hop has been added to the status tab
+ Users who are part of an administrator group can copy myview tabs
+ A new report filter has been added for SUBNET TO SUBNET
+ The interface instance column is wider for high interface numbers
+ A Plixer Tools icon will now be visible when Plixer Tools is installed
+ Users can now add very long community strings
+ Added the ability in mapping to filter Denika reports for Denika connections
+ For new installs, users will automatically be licensed for 30 days
+ Updated the Japanese Translation
+ Improved IPFIX support in the NetFlow and sFlow collector
- Dozens of bug fixes

We are very excited about this new release of our network traffic analyzer. Contact us if you have any questions.

Jon Mills
Marketing & Public Relations Manager
Follow Me On Twitter

We had a customer approach us the other day with an nprobe issue. Apparently, he could see the NetFlow v9 data in Flow View of Scrutinizer, but he couldn’t report on the data. How come?

He sent us a Wireshark packet capture and brought up Flow View. Flow View is a way to see the raw flows (inclusive of all columns) being exported by a device.

Anyway, in Flow View everything looked normal, but then one of our developers spotted the word ‘post’ in front of a couple of import column names. We (and Scrutinizer) expect to see ‘octetDeltaCount’ and instead, the customer had configured nProbe to kick out ‘postOctetDeltaCount’.

Read more »

Jon Mills
Marketing & Public Relations Manager
Follow Me On Twitter

Plixer International, your team of friendly neighborhood NetFlow specialists, has just released the newest version of Flowalyzer, our NetFlow and sFlow configuration tool. In addition to some performance and usability enhancements, version 2.0 adds a new tab to the Flowalyzer interface.

Flowalyzer version 2.0 introduces The Trender

The latest addition to the Flowalyzer tool is the Trender tab, which creates graphs for critical Windows resources, all done in real-time (a configurable update period that defaults to once every second). The Trender uses SNMP information gathered from your compliant gear to measure metrics from interface utilization to CPU or memory consumption. There is no limit to the number of metrics you can trend simultaneously (aside from the obvious limitation of screen real estate).

Read more »

Jon Mills
Marketing & Public Relations Manager
Follow Me On Twitter

Most people collecting NetFlow use it in a very traditional fashion (i.e. NetFlow v5 with ingress flows). Ingress flow means that only inbound (i.e. received) traffic is collected and exported in NetFlow datagrams. This may sound like you won’t know what is going ‘out’ an interface, but have no fear. There is any easy way to calculate outbound traffic using ingress NetFlow.

Above, out bound utilization on interface 1 is determined by looking at the flows from interfaces 2,3 & 4 that are destined for interface 1. Since an ingress flow contains the source and destination interface (i.e. port of the router). Out bound traffic is determined by using ingress flows from the other interfaces. For this reason, it is important to enable NetFlow on all interfaces of the switch or router. This trick is common practice in all NetFlow reporting tools. But, what about NetFlow v9 and its support for ‘Egress’ NetFlow (i.e. traffic going out an interface)?

Read more »

Jon Mills
Marketing & Public Relations Manager
Follow Me On Twitter