Cisco Performance Routing isn’t your grandfather’s routing. Cisco Performance routing (PfR for short) considers a particular path’s traffic characteristics when determining the best path for the conversation. Imagine being able to use actual delay, packet loss, MOS, jitter and more to give your router a better idea of the traffic conditions. With that data it can make a smart decision on how to route the conversation traffic. Add to that the ability to report on this with something simple like Netflow and you have solution that sounds to good to be true. Well, it isn’t!
I have had many customers ask me, “What are the algorithms in Flow Analytics and what do they do?” Excellent question. That is exactly what I will be covering in this second installment of my extensive series on Flow Analytics. In part one I covered how to enable Flow Analytics and properly configure it to your liking.
First of all, I’m a fan of sFlow, NetFlow, IPFIX, NetStream, JFlow, etc. I like them all. In this blog I would like to point something out that a customer made clear to me about sFlow.
IPFIX, NetStream, JFlow are all ‘NetFlow’ like technologies. These NetFlow technologies are truly ‘flow’ based. On the other hand, sFlow is not. It is a packet sampling technology. It has BIG benefits; however, the benefits are very different from a flow-based protocol such as NetFlow and IPFIX. Lets take a look at the definition of a flow.
What do these two have in common? For most people, probably nothing.
But here at Plixer International, the last business day before the Christmas holiday break, it has been customary to set up a game server with the Quake game on it.
Everyone brings some yummy food to share (brownies, meatballs, cheese & crackers, are some of the options), and for a few hours of the day, work takes a back seat to eating and gaming.
Personally, playing Quake isn’t my idea of a good time. Chasing opponents down dark hallways shooting at them, screams and blood. Not for me.
Sometimes you see a name flash across your screen that draws your attention. A few months ago I had one that did just that. When I decided to visit London I knew it was an attraction that I needed to see.
I use the term “amateur horticulturist” loosely when describing one of my hobbies. I am still in the beginning steps of building a self-contained, hydroponic garden and fish farm powered by Arduino. By “beginning steps” I mean that I have a lot of bookmarks and interesting YouTube videos.
One of the highlights of my job is being able to work with people from all over the world. Calls from China, GotoMeetings with Norway and video conferencing with the UK are all day to day activities for me. This month is a little different. Yesterday was the first day of my world wind trip to London, Dublin and Paris.
You’re in the market for a NetFlow Traffic Analyzer. What are the key features that you’re looking for? What makes one NetFlow analyzer stand out from the rest? Do you have a list of “must haves”?
Such as support for Flexible NetFlow, IPFIX reporting, portable network maps? How about automated NetFlow configuration on your routers and switches? Is customization of the web interface important to you? Multiple language support critical? Read more »
I was speechless, which for me is quite an astounding feat. So many thoughts ran around in my head but in the end only one thing came out of my mouth, “theres an app for that!”. Scrutinizer and NetFlow can easily help schools monitor for this type of traffic. Heck! It was one of the things Scrutinizer was built for. Understanding how users consume your networks bandwidth is important in todays world. Laws like this make monitoring your traffic a requirement. Matter of fact, it can be quite costly if you don’t.
As I mentioned Scrutinizer is well suited to assist in this task. NetFlow gives you the flexibility to monitor all of your network traffic from one central location. Scrutinizer allows you to filter your data into meaningful, easy to swallow reports that tell you who was doing what, where and when. It doesn’t stop there.
Scrutinizers filtering engine allows you to customize how you view your data . Scrutinizer then gives you the ability to add a threshold to that report . Now you have a customized monitoring tool. I created a quick video that explain . . . .
But that report only looks for high bandwidth consumption, file sharing traffic can be small and and almost undetectable. In applications that don’t store all of the NetFlow traffic this is true. Scrutinizer stores all of your NetFlow data which gives our Flow Analytics engine the ability to monitor all of your network traffic and alert you on suspicious traffic patterns. You guessed it, one of the monitoring algorithms is P2P. How fitting! . Flow Analytics also allows you to easily identify Top Applications, Conversations, Flows, Protocols, Domains, Countries, Subnets, etc. across dozens of routers and switches.
Do you have NetFlowV9 and NBAR? We are one of the only vendors that support this technology completely. NBAR stands for ”Network Based Application Recognition” and is the mechanism used by some Cisco routers and switches to recognize a dataflow by inspecting some packets sent. With NBAR you are going to be able to get a definitive answer on what applications are being used on your network. Scrutinizer supports it, reports on it and most importantly alerts on it!
I’ve shown you a few of the ways Scrutinizer can help you meet the needs of this new law. There are quite a few other important features so make sure to download a copy of Scrutinizer and kick the tires for 30 days.
Consider this – customer calls in and says that a workstation on his network was scanning their entire corporate network and how can he be alerted on this type of behavior? The behavior wasn’t exactly malicious, but rather that someone had installed an inventory application on their desktop which scanned their entire network with snmp scans.
So, no, it wasn’t malicious activity, but that sort of network monitoring also was not authorized for that individual on their network.
Using Scrutinizer NetFlow and sFlow Analyzer, he asked how he could detect that sort of network traffic. Read more »