I don’t remember where we saw it, but there was a report that stated there were 102 unique vendors that released a NetFlow tool in 2008.

I don’t know how accurate that is, but I can definitely confirm that if you go to Google.com and search the key word NetFlow, you’re going to get a LONGGGGGGGG list.

So with a plethora of options and little time to evaluate, what does Scrutinizer offer that might make it worth…scrutinizing? (Sorry, couldn’t help it)

Here’s five compelling reasons to take a look at my product:

Read more »

Hi there all! Another week is coming to close and I hope its been a good one. With the Cisco ASA being the hot topic for the past couple months, I wanted to share this blog with you.

This is a very important topic, since this will help you understand how the ASA reports conversations differently from other switch/router counterparts. Let’s take a look:

Undirectional NetFlow:

Traditionally, NetFlow is a unidirectional technology. As an example, when host A sends traffic to host B, this will create a single flow. When host B replies, a second flow is created within the router cache. So using that example, conversation A –> B creates a flow of 500kb. The return reply from B –> A will create a separate flow of 75kb.

Bidirectional NetFlow:

As of today, I’ve only ever seen bidirectional flows from the Cisco ASA. To summarize though: instead of getting two flows as illustrated above, you will only get one flow from the host who initiated the conversation. However, within that one flow, you will have the correct total of traffic for the connection and reply. So take the conversation I used in the example of Unidirectional Flows: A –>B = 500kb, B –> A = 75kb

Since there is only one flow created, this one flow will present the total of 575kb, A –> B = 575kb, instead of breaking into two summaries.

This is a strange way of rendering a flow, if you want my opinion. I’m not sure why Cisco decided to implement this, since it makes it tougher to figure out the flow direction.

“So this 575kb conversation, is this from A –> B or is this B –> A?”

Regardless,we should be grateful to have a firewall exporting NetFlow in the first place and I’m sure everyone else feels the same way…

If you would like more information regarding the unique properties of the ASA, please give us a call and we’ll be happy to help.

Nate

Hi there everyone! I hope you’ve had productive week and I wish you all a fantastic weekend.

This week, we’ve had two successful webinars that highlighted some of the fun new features for Scrutinizer v7.5 and I’d like to make the replay available to everyone who wasn’t able to be in attendance.

So if you’d like to get the inside scoop on some of the new goodies like NBAR reporting, the new Matrix connections report and the Flow Expert toolset ; take a seat, grab some popcorn and enjoy the movie.

Oh, to take advantage of these new features, be sure to upgrade your copy of Scrutinizer to v7.5.

Here’s the link to the latest download: Scrutinizer v7.5 update

If there are any questions that come up during the webinar, please feel free to contact us and we’ll be happy to help.

(207) 324-8805

Nate

Over the past couple months, the hot topic in the NetFlow world has definitely been the Cisco ASA. Since they can be found in networks both big and small, I feel like I’ve helped every network admin from here to Kalamazoo get one configured.

I was talking with someone today that was evaluating our NetFlow Analyzer and he was wanting to know how to see his ASA flows. I first wanted to make sure that he had configured it correctly, so I asked him:

“Did you find any documentation on getting the ASA configured?”

“Yeah, I found the configs on the Cisco website…”

Once he said that, it immediately came to mind that there might be a configuration adjustment that would need to be made when working with my collector. We logged into ASDM and sure enough, there was a small tweak we needed to make…

Read more »

Hi there guys! Its Thursday afternoon and the snow is beginning to fall here in New England. I’ve heard talk about 1-2 ft worth of snow, but you know those weathermen…

But before we close shop here for the holiday weekend, I wanted to be sure and announce the release of a small patch that provides a few small fixes that we wanted to squeak in before the next big release.

To find the latest update for your favorite NetFlow traffic analysis tool, just clicky clicky on the link below:

Scrutinizer v7.3.2 update

And we at Plixer all hope you have safe and restful New Years!

-Nate

With today’s blog, I want to do two things for my customers: the first being to remind you that any custom report filters you create can be imported into MyView.

Secondly, once you import that report into MyView, how to hack the bejeezus out of it to get what display you’d like.

Let me explain…

Read more »

Since the launch of our Systrax community website, we have written over three hundred blogs and generated two unique cases of Carpal Tunnel to bring you informative and sometimes quasi entertaining content.

I think its time though to lasso in some of the highlights over the year into one summary blog for quick and easy reference. This blog will link to others that have answered some of the more commonly asked questions. We hope you enjoy it.

Read more »

Happy Friday everyone!

The other day I was working with a new customer getting NetFlow export enabled on his Cisco 3800 routers. When I was explaining the concept of using the ip flow ingress command in enabling NetFlow per interface, he said:

“I have to do that on all my interfaces?!? I have like ten sub-interfaces to do.”

In reality, ten interfaces isn’t really hard to configure, but it can be… cumbersome.

So if you are enabling NetFlow on a device with LOTS of vlans, a nice quick way to get things up and running is to use the int range command.

You can do this by typing the following:

Read more »

With the release of Scrutinizer v7.3, we’ve been advertising the support of a couple of new filters that focus around reporting on NBAR. HURRAY!

But in case you don’t know exactly what NBAR is or why its so very cool, lets take a step back and look at what it does for us:

Read more »

Just the other day, Brad Reese from Network World wrote a nice blog reflecting on the recent announcement of H.P. acquiring 3Com.

With a huge announcement like this, naturally there are a lot of reactions and opinions. This kind of move may impact a lot of people and their current network strategies.

But coming from a NetFlow, sFlow and Netstream vendor perspective, I think this could be good news.

Read more »