Today I will show you how to configure PfSense NetFlow export on one of the more popular open source firewalls.

It is a great firewall that includes a long list of related features, as well as a package system that allows for further expandability. One of the many packages available is pfflowd, which converts OpenBSD PF status messages into Cisco NetFlow datagrams. This allows you export it to an external collector and gives historical reporting of your network activity. Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

System requirements for a NetFlow collector are a lot higher than the average program. While I am still the “new guy” in support I am already seeing some trends here at Plixer. The majority of cases I have been working with involve servers that seem to run slow despite being on top of the line equipment. Nearly every time this issue comes up it is caused by an improper hard disk configuration.

One of the most overlooked NetFlow Collector System Requirements that write heavy database servers have is disk IOPS (Input/output Operations per Second). You have to remember that a spinning disk is very limited on how many writes it can make at any given time, and if the collector cannot write to the disk fast enough it can cause a lot of problems.  This has been the root cause of a lot of slow NetFlow collectors.

Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Do you remember exactly what you were doing July 26th? If you were at Plixer’s FlowFest 2011 you were eating fresh Maine lobster after a successful day of Advanced NetFlow Training™!

What’s that you say? You were cleaning the garage instead? If you weren’t able to attend this year, no worries, there’s always next year! FlowFest is a premiere NetFlow training event, hosted annually in the beautiful coastal town of Wells, Maine. (Thanks to everyone for the pictures!)

Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Hello all, we’ve been getting a lot of questions lately on how to configure nProbe and what the recommended nProbe configurations are, so I’ve put together some sample nProbe configurations to help setup your Linux nProbe.

Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Since this topic has come up several times over the last few weeks, I’ve decided to blog about creating custom report templates in Denika, our MRTG Performance Trender.

The first request was for monitoring Sensatronics temperature probes.  And then today we received the following request on our forums:

“Are there any way to make denika support mibs of ZTE or Huawei? Can i edit the template by some way, or some other method is available?”

And the answer is Yes, you can create new device and report templates with Denika. For Sensatronics, ZTE, Huawei, and other vendors also.  If they support SNMP, we can monitor them.  All you need is the IP Address, OID string, and the SNMP Credential for the device.
Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Are you interested in learning more about Cisco NetFlow collection?  We have two upcoming webinars available.  Each webcast will cover a variety of topics to get you the information you need.

We’ll discuss reporting on Top Domains to find out who is hitting them (such as MySpace, Ebay, and others).  Learn how to use NetFlow to pinpoint latency of applications, servers, and end systems.  Discuss what open source NetFlow software is appropriate for your business, or when to move from open source to an enterprise class NetFlow Analysis Solution. Read more »

Are you looking for more information from your NetFlow reports?  Such as MAC Address and Cisco NBAR information?

Flexible NetFlow can provide that information for you.  So the next question is, “How do I configure FnF on my router?“.

And here are a couple of great resources to assist with configuring Flexible NetFlow:

Read more »

A customer called in the other day after they had set up a map in Scrutinizer NetFlow and sFlow Analyzer.  They had some blank connections to devices that didn’t support NetFlow and they were asking if there was anything they could do to make the map more useful for these devices. I asked them if they used our SNMP trender Denika, and they said, “Yes.” So, we set up the integration with Denika and Scrutinizer, then started configuring Denika connections on their Scrutinizer Map.

Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Lately, I’ve been getting more familiar with different backup procedures and it made me want to update everyone on our current recommended Scrutinizer backup procedure. Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Consider this – customer calls in and says that a workstation on his network was scanning their entire corporate network and how can he be alerted on this type of behavior? The behavior wasn’t exactly malicious, but rather that someone had installed an inventory application on their desktop  which scanned their entire network with snmp scans.

So, no, it wasn’t malicious activity, but that sort of network monitoring also was not authorized for that individual on their network.

Using Scrutinizer NetFlow and sFlow Analyzer, he asked how he could detect that sort of network traffic.
Read more »