Often these days, we’re asked for a general rule of thumb or guidelines that can help with calculating NetFlow Volume.  How much disk space should an average NetFlow Deployment consume. One of the biggest concerns is that exporting NetFlow (or one of its cousins) for Network Performance Analysis will have a drastic impact on the available bandwidth, CPU overhead on devices, or on the hard drives storing it. This is simply not true.

Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

The Zero Trust model is a relatively new network security design model that requires network segmentation and segregation of employees from critical internal resources. The basic idea is that the internal network is no longer explicitly ”trusted.” BYOD policies and the mobile workforce have brought new threats to the internal network that just weren’t there five years ago. It’s no longer practical to assume “bad guys outside, good guys inside.” Let’s take a look at exactly what this means…

Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Nagios is one of the more popular free network monitoring solutions that can be upgraded to a commercial version.  For years this community has depended on 3rd party NetFlow Analysis tools as a best of breed approach to a complete solution. Recently, Nick Scott at Nagios announced Nagios Network Analyzer which provides basic support for NetFlow v5, v7 and v9 however, it lacks support for all of the unique elements that can be exported by Flexible NetFlow and IPFIX.   What does this mean?

Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

This is a conversation I find myself having more and more lately so I thought it would make sense to discuss in detail just exactly how security information management systems (SIEMs) and NetFlow are related and why SIEMs are a poor choice for NetFlow collection.

Read more »

There are many uses of NetFlow but one of the most important and often overlooked is the network security value NetFlow and IPFIX can provide. Based on feedback gathered over 10 years from hundreds of NetFlow customers, here’s the top five uses of NetFlow analysis for network security in ascending order…
Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Mike Patterson (Plixer CEO and Founder) and I have been long time colleagues in the arena of NetFlow analysis. Over the years we’ve both watched as NetFlow has matured and gained increasing popularity and I’ve always admired Mike and his team’s energy and steadfast devotion to NetFlow technology. Read more »

Read about virtual routing first before reading this post.  VRF aware Netflow is available in Scrutinizer since v7 and in IOS starting with 12.4(11)T, however I also saw in some documentation that support for VRF input was added in 15.0(1)M. This is of course via Flexible Netflow. You can set the input VRF as a key field in the NetFlow record, then use the VRF ID to filter reports based on that VRF in scrutinizer.

Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

The most advanced Flow technologies today come in the form of (FnF) Flexible NetFlow Reporting and IPFIX Reporting.  Some vendors have renamed these technologies to AppFlow, Cascade Flow, J-Flow and NetStream, however they are usually a near copy of either NetFlow or IPFIX.

List of Next Gen NetFlow / IPFIX Reporting Features

Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

System requirements for a NetFlow collector are a lot higher than the average program. While I am still the “new guy” in support I am already seeing some trends here at Plixer. The majority of cases I have been working with involve servers that seem to run slow despite being on top of the line equipment. Nearly every time this issue comes up it is caused by an improper hard disk configuration.

One of the most overlooked NetFlow Collector System Requirements that write heavy database servers have is disk IOPS (Input/output Operations per Second). You have to remember that a spinning disk is very limited on how many writes it can make at any given time, and if the collector cannot write to the disk fast enough it can cause a lot of problems.  This has been the root cause of a lot of slow NetFlow collectors.

Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Now that you know AdTran supports NetFlow, you need an AdTran NetFlow Analyzer. With the implementation of the Integrated Traffic Monitoring feature in AOS products, AdTran takes network traffic monitoring to a new level. You just need the right NetFlow reporting tool.

Our NetFlow application provides an incredibly high level of AdTran NetVanta NetFlow data analysis capability. It allows you to: Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!