Are you thinking about migrating to Flexible NetFlow (aka FnF)?   If you are, you are probably aware that FnF brings the following to NetFlow:

• NetFlow NBAR for application recognition
• Performance Monitoring “Cisco Medianet”
• Layer 2 information
• Export to unlimited collectors
• Much more…..

Read more »

Visit our website to download a 30 day trial of Scrutinizer.

Join the NetFlow Developments group on LinkedIn.

NetFlow has come a long way in the last few years.  For example, here’s a list of some new information that can now be monitored and filtered on by exporting NetFlow or IPFIX packets from your routers, switches, and firewalls.

•    Medianet
•    Host/Application Latency
•    VoIP with Caller ID
•    Configuring Cisco ASA NetFlow Exports
•    NBAR
•    URLs
•    Mac Address and VLAN

Now that’s a whole lot of information that you can get from your NetFlow Analyzer!

So what is all this new information?

Read more »

Visit our website to download a 30 day trial of Scrutinizer.

Join the NetFlow Developments group on LinkedIn.

Configuring Flexible NetFlow NBAR has been discussed in our blogs before, but it’s still such a hot topic, I thought it warranted more coverage.

With NetFlow v9 Flexible NetFlow support, configuring the export of NBAR information to your NetFlow collector is simple to do by following these four steps.
Read more »

Visit our website to download a 30 day trial of Scrutinizer.

Join the NetFlow Developments group on LinkedIn.

At the support desk we often help customers set up configurations to enable NetFlow and sFlow on a number of different device types. The device types always seem to come in waves, or what I call, “the flavor of the week.” Last week I set up a number of Cisco ASA firewalls. This week I have been setting up a bunch of Cisco 6500 Catalyst Series Switches.

Often customers initially set these Cisco switches up with the traditional NetFlow commands and then see traffic under reported when looking at details from our NetFlow reporting tool. Read more »

Q: What is a Cisco Borderless Network?

A: The Cisco Secure Borderless Network architecture integrates security into the distributed network and enables customers to build flexible solutions to meet evolving business and security challenges. Think about mobile phones for a minute, is your network securing them or secure from them? Cisco Borderless Networks claim to deliver the new workspace experience, connecting anyone, anywhere, using any device, to any resource – securely, reliably, seemlessly. Watch a few Cisco Customers explain it. In truth, most of us already have a borderless network in place. Can you VPN into the business network from home? That would be one example.

Read more »

The other day my colleagues at the technical support desk and I were talking about different aspects of network analysis and an interesting question came up:

When you use a NetFlow collecting appliance, what function do you use more, the reporting or the behavior analysis function?

Between all of us, we couldn’t come up with a definitive answer.

At Plixer, we have designed our NetFlow and sFlow Analysis Tool to provide the best custom reporting engine on the market today, supporting leading edge technologies like the Cisco ASA, Flexible NetFlow, IPFIX, and NBAR. With a single mouse click you can select from over 20 predefined report filters. Anything from top hosts, applications, and conversations, to traffic volume and flow volume reports.

But it gets better!

We are soon to be releasing Scrutinizer v8. Version 8 includes a number of new report filters including a dashboard report that lets you see a number of different reports for an interface on a single view.

Scrutinizer with Flow Analytics is one of the few NetFlow and sFlow solutions that combines network traffic analysis with continuous network behavior monitoring.

The Flow Analytics function within Scrutinizer includes dozens of algorithms that detect malware such as botnets, worms, and other threats. It interrogates every flow from your exporting devices for suspicious traffic patterns and anomalies. All flows across selected flow sending devices are monitored at all times. While antivirus solutions help catch infections on computers, Flow Analytics looks for problems that are already underway (e.g. DDoS, network scans, nefarious activity, etc.) on the internal network.

The Flow Expert view on the MyView tab lets you see what’s going on across your network on a single dashboard view. The Threats Overview gadget shows you a count of the occurrences that have been found for each algorithm, and a click on the alarm takes you directly to the Alarm tab to view the details for that particular alert.

Since we are in the election season I figured that I would pass the question on to you.

 Loading ...

If you are looking for a new network traffic analysis tool, or have any questions about Scrutinizer, give me a call – (207)324-8805

-Scott

Today I wanted to give a little introduction to traffic monitoring that uses NetFlow technology; I will be focusing on what is involved in setting up a NetFlow traffic monitoring system. Most of these systems have three major components, the most simplistic would have: a NetFlow exporter, a Netflow collector, and finally a NetFlow analysis software.

A. Exporter: It is any network device with NetFlow exporting capability. An exporter gathers traffic information in UDP packets, and sends them to a server were the traffic information is stored and analyzed. It could be a router, a switch, or a software based routing appliance that can be configured to send NetFlow . If you are using Cisco you might want to check in the following list to see whether your devices are in the series that supports NetFlow. Read more »

Visit our website to download a 30 day trial of Scrutinizer

Join the NetFlow Developments group on LinkedIn.

So, have you asked yourself, should I upgrade to Flexible NetFlow?  And if you have, has the next question been, why?

Here are 10 reasons for using Flexible NetFlow over NetFlow v5.  We posted a blog some time ago on What is Flexible NetFlow (FnF)  that might be helpful to those not familiar with FnF.

Read more »

Over  the last few weeks I have taken a number of support calls from customers who were looking for some assistance configuring their Cisco ASA. So I figured that I would take this opportunity to revisit some older blog subjects.

In my opinion, the easiest way to get NSEL exporting from these security appliances is through the use of the ASDM interface. This simple, GUI-based firewall management tool allows you to quickly configure the Cisco ASA without having to use the cumbersome command-line interface.

Read more »

For a 30 day Trial of Scrutinizer, Click Here to Download!

Join the NetFlow Developments group on LinkedIn.