Did you know that using an advanced network reporting solution you can log NAT and firewall events from a Cisco ASR router to a flow collector, and report on this data using NetFlow v9?

I’ve been working with a service provider that deploys ASR1006 routers at his ISP’s internet Edge.  They use private IP addressing which is NATed at the internet edge network.  This allows scaling of IP addressing such that if they ever have more subscribers than available public IP address space they are not limited.  The problem that this presents is that his country has regulations where government authorities ask that ISPs identify a subscriber based on IP address and time provided by authorities to the ISP. So he needed some reporting that would provide this visibility. Read more »

Scott Robertson
Sr. Solutions Engineer

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Have you upgraded your Cisco ASA to version 8.4(5) for the latest and greatest security features and NetFlow (NSEL) enhancements from Cisco Systems? Well, if you have, you may have noticed that the NetFlow reporting broke.  Have no fear, we fixed this issue in Scrutinizer version 10.1 which is being released in a couple of days.  But, WAIT! There’s more!

Read more »

Michael Patterson
Founder and CEO

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

IT professionals have been looking for better ways to monitor and store firewall logs for years. Properly handled, firewall events can give insight into APTs, DoS attacks, firewall rule planning and misconfigurations, policy violations, and much more. To date, Syslog has been the go-to mechanism for access to firewall log info. It’s universally supported by the firewall community, easy to understand, and it’s quick to implement on both the firewall as well as the syslog analyzer.

Unfortunately syslog is resource intensive on both the firewall and the log analyzer. It’s largely unstructured, requires string pattern matching, and the exact format and fields vary from one firewall to the next. How often do you turn on full “Accept” and “Deny” logging for every rule? Sure you can and yes it’s valuable but the amount of syslog created is tremendous.

Enter NetFlow and IPFIX…

Read more »

Recently we created a bunch of new NetFlow reports for the exports and a solution for NAT Session Logging was one of the goals. This is not the first time we have created reports for this. We have also created NetFlow NAT Reports for:

Read more »

- Thomas Pore

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!