Cisco ASA NetFlow and VPN Support

Posted in cisco ASA, network threat detection, Network Traffic Monitor on April 24th, 2013 by Jake
Cisco ASA NetFlow and VPN Support

I run into a lot of unique hardware working in technical support; as a result I want to write about Cisco ASA NetFlow and VPN support. Recently, I have received questions from customers wanting to monitor their VPN traffic using NetFlow. This blog will briefly cover what VPN is, and how I used our network traffic monitor for Cisco ASA VPN reporting.

What is a VPN?

First, I would like to do is address “What is a VPN”. A VPN (Virtual Private Network) is an extension of a private network that uses different types of encryption so remote users can log into a private network safely and securely over the internet and still have access to all of the resources that they would have if they were connected locally. The biggest issue we hear from customers is not being able to monitor what those hosts are doing and when I show them how to see this information they are blown away.

Monitoring VPN traffic with NetFlow

Below, I have attached a report that I ran a few nights ago on our VPN traffic here. As you can see, I did some Cisco ASA Reporting on our VPN’s but the principles are still the same for any VPN exporting NetFlow or any other flow technology. In this report I added filters for the ports associated with VPN’s\encrypted traffic as well as filtered on UDP traffic only. What we are left with, is a list of our VPN users from Maine, Turkey, Florida and New Hampshire. As you can probably imagine, being able to quickly have access to this information on your network can be very helpful in troubleshooting why the network is slow and network threat detection associated with your VPN traffic.

Juniper SA4500 NetFlow

In the report above, our network analyzer provides amazing information for monitoring traffic on your VPN’s, by simply filtering traffic on Port/Protocol you are now able to drill down on specific users and find out exactly what everyone is up to on your network, True 100% network visibility.

If you need any help configuring your Cisco ASA VPN’s or have any questions on how to report on them feel free to contact us.

If you enjoyed this post, please consider leaving a comment or subscribing to the RSS feed to have future articles delivered to your feed reader.
Tags: , ,

4 Responses to “Cisco ASA NetFlow and VPN Support”

  1. Danny Says:

    This is fantastic and I will like a help from you on Cisco ASA netflow and what to achieve out of it.

  2. Jake Bergeron Says:

    Hello Danny, feel free to contact Plixer Tech Support and we would be happy to show you how to report on your Cisco ASA’s

  3. Danny Says:

    Thanks Jake,
    Please how do I contact Plixer

  4. Jake Bergeron Says:

    You can find our contact information in the link below:

    http://www.plixer.com/Support/support-overview.html

Leave a Reply

You must be logged in to post a comment.