There is ZenPack that provides direct integration between Zenoss and our network traffic monitor that provides a NetFlow Plugin feature.   Our Zenoss NetFlow reporting tool makes troubleshooting network performance a seamless process from within the Zenoss console but, it doesn’t end with NetFlow.  We can also provide syslog reporting and then correlate the data with NetFlow and IPFIX.

Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Good news: Solera IPFIX support is available in our IPFIX reporting solution.  This is no surprise as Flow Analysis (NetFlow and IPFIX) continue to gain popularity in several key areas of many IT security programs:

• Data reconnaissance on the source or perpetrator of the threat (i.e. who did what to whom, when and where)
• Merge with other data sources to gain greater contextual information surrounding the details of the malware
• Host Reputation look ups

For those of you who need to get this setup fast, here are the instructions that we got from the documentation.
Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Apparently there are quite a few YAF IPFIX deployments out there. We recently had to test this software for a customer.  YAF stands for Yet Another Flowmeter which promotes the use of SiLK for some rudimentary threat detection.  Flow Analytics(TM)  can be used for more sophisticated network threat detection.  YAF can be placed off a spanned switched port and used as a NetFlow probe to improve network traffic monitoring  however, the metrics collected are not nearly as sophisticated as the nBox.

Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Just discovered, FatPipe NetFlow support is available on FatPipe’s WARP 5.2 high-speed clustering device. We are in the process of checking out this export to see if they are exporting any additional information beyond the NetFlow v5 tuple. I’m sure the developers at FatPipe are discussing exporting IPFIX to report on their patent pending SmartDNS and Inbound line failover, as well as their WAN optimization. As WARP is currently exporting NetFlow v5, Scrutinizer supports their export. Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Recently we created a bunch of new NetFlow reports for the exports and a solution for NAT Session Logging was one of the goals. This is not the first time we have created reports for this. We have also created NetFlow NAT Reports for:

Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Plixer recently teamed up Mix Master Mitch and Hip-Hop sensation Jeffrey Ramsey “Flow Master.Pcap” to produce their latest music video about SonicWALL IPFIX and NetFlow Exports.  MMM passes the torch in his usual epic fashion. Check it out!

If you want to learn more about Jeffrey Ramsey, also known as Ya Fav Homie JR, visit his website or follow @YaFavHomieJR on Twitter.  However, any true NetFlow analysis aficionado should first be familiar with  the work of long-time NetFlow rap contributor Mix Master Mitch, which can be found on the NetFlow Rap fan page.  Most videos were produced by Real Media Solutions.

Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

How many of you use the ASDM interface of your Cisco ASA to view traffic patterns in real-time? I thought it was pretty slick when one of our customers showed it to me a few years ago. We have since acquired our own Cisco ASA and have started learning more about the Cisco ASA NetFlow exports. Below is a screen capture showing how it can trend the volume of traffic, volume of connections as well as the CPU and memory usage all in real-time.

Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Does your company have any remote employees? Do they use VoIP and are they experiencing choppy voice? You might find this post informative.

We have a few employees working remotely and of course we want them using our phone system however, dealing with call quality (aka QoS) can be a bit of a challenge. We have tried a couple of things.

Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Today, I am going to cover five new features available in Scrutinizer v7, as Part 4 of 5 in our “Whats new in Scrutinizer v7″ series. If you will recall, Nathan started this series off by covering encryption exclusions, more flows, collector improvements, group permissions for users, and proxy server configuration. Jon continued with part 2, covering overriding report intervals, Google Map connections, host and application quick search, user profiles, and alarm category filters. Last week, in part 3, Joanne blogged about applications being defined by combination of ports and IP addresses, emailed reports on demand or scheduled for regular time intervals, stacked trend graphs on all reports, LDAP and Active Directory support, and extensive flexibility for VoIP reports. This week I have five features that you’ll use time and time again.

Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Are you looking for an inexpensive solution to gain visibility on your network? Traffic-Flow is a feature available on RouterOS by MikroTik. Traffic-Flow is comparable to Cisco’s NetFlow technology, providing statistical information about packets passing through the router. Traffic-Flow supports NetFlow formats: v1 (not recommend) , v5 (BGP, AS, and flow sequence support), and v9 (extend-able field and record type support); therefore, most NetFlow collectors, including Scrutinizer and similar, will listen for these flows.

Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!