First of all, Net Flow  is spelled NetFlow, and today, we’re going to talk about an IT Monitoring Service that provides Network Traffic Monitoring.  Specifically, we want to monitor BYOD Traffic.  The modern workplace is often being assaulted by these devices.  Why? Androids and iPhones are constantly searching for a Network to connect to.  Once attached, some employees are so ‘connected’ with friends that these smart phones start flooding the network and pestering the user to participate in Facebook, Farmville or even Scrabble.  How can you find out when, what and where they are doing?

Read more »

For a 30 day Trial of Scrutinizer, Click Here to Download!

Join the NetFlow Developments group on LinkedIn.

Cisco Systems, Inc. has released a new feature, the NBAR Protocol Pack, which provides an easy way to load multiple Protocol Description Language (PDL) files at one time. Read more »

Visit our website to download a 30 day trial of Scrutinizer.

Join the NetFlow Developments group on LinkedIn.

How dedicated is your company to using VoIP? Do you utilize remote employees who use VoIP or Video conferencing? Do you have any way to see exactly why your having choppy or low quality calls/videos? Everybody wants to have the best QoS for their calls or at the very least know why they don’t. With a VoIP Netflow Monitoring tool you are able to reactively monitor:

• Jitter
• Packet Loss
• Latency
• Round Trip Time (RTT)

Read more »

Visit our website to download a 30 day trial of Scrutinizer

Join the NetFlow Developments group on LinkedIn.

Are you thinking about migrating to Flexible NetFlow (aka FnF)?   If you are, you are probably aware that FnF brings the following to NetFlow:

• NetFlow NBAR for application recognition
• Performance Monitoring “Cisco Medianet”
• Layer 2 information
• Export to unlimited collectors
• Much more…..

Read more »

Visit our website to download a 30 day trial of Scrutinizer.

Join the NetFlow Developments group on LinkedIn.

NetFlow has come a long way in the last few years.  For example, here’s a list of some new information that can now be monitored and filtered on by exporting NetFlow or IPFIX packets from your routers, switches, and firewalls.

•    Medianet
•    Host/Application Latency
•    VoIP with Caller ID
•    Configuring Cisco ASA NetFlow Exports
•    NBAR
•    URLs
•    Mac Address and VLAN

Now that’s a whole lot of information that you can get from your NetFlow Analyzer!

So what is all this new information?

Read more »

Visit our website to download a 30 day trial of Scrutinizer.

Join the NetFlow Developments group on LinkedIn.

We recently received a request from a customer looking for a way to identify GoogleTalk (gtalk) traffic.  To address this request, we first needed to learn about this protocol.  It seems that GoogleTalk uses an existing protocol called “Jabber”, which is based on XMPP.  To simplify things, Jabber uses a standard port of 5222.

Read more »

Visit our website to download a 30 day trial of Scrutinizer.

Join the NetFlow Developments group on LinkedIn.

I recently learned that Cisco is planning to have integration with DPI (Deep Packet Inspection).  What does this mean to your NetFlow collector and NetFlow Analyzer?  More good stuff!

Seriously, it means more information on the applications on your network.  What good is a NetFlow Reporting tool that only tells you the application is ‘HTTP’ (i.e. port 80)?  Many applications today are using port 80 and a whole slew of others use random ports. This is a real problem for NetFlow monitoring tools because there often isn’t enough information in the traditional NetFlow v5 tuple to determine the actual application (e.g. skype, BitTorrent, H.323, GoToMeeting, etc.).  It has to be done by the hardware or software that exports the IPFIX or NetFlow information. Read more »

While doing a demonstration of the reporting capabilities of Scrutinizer last week, I had a customer ask, “How can I monitor Netflix traffic?”

There are a couple of ways that this can be done.

If you have Cisco routers, and are running IOS 15.1 or higher, there is an option to enable NBAR. Using Flexible NetFlow, we create a user defined flow template by adding the collect NBAR application option parameters to the flow record. Then it is just a matter of selecting the NBAR report filters available in Scrutinizer.

But I would like to show you a way to use a template option to capture and pass URL’s. We will be using nProbe to capture traffic from an interface on a device and export IPFIX templates to Scrutinizer.

The set up of nProbe is a simple process of using command line options to configure the template and create and start a nProbe service.

Once we see the device and interfaces in Scrutinizer, it is just a matter of adding filters to the report to isolate the Netflix traffic.

Read more »

Visit our website to download a 30 day trial of Scrutinizer

Join the NetFlow Developments group on LinkedIn.

Configuring Flexible NetFlow NBAR has been discussed in our blogs before, but it’s still such a hot topic, I thought it warranted more coverage.

With NetFlow v9 Flexible NetFlow support, configuring the export of NBAR information to your NetFlow collector is simple to do by following these four steps.
Read more »

Visit our website to download a 30 day trial of Scrutinizer.

Join the NetFlow Developments group on LinkedIn.

You probably have NetFlow enabled on your network devices, but the question is, are you truly taking advantage of what it offers? From working in technical support, I noticed, although NetFlow technology is evolving rapidly, when it comes to understanding how the technology works and how much can be accomplish with it, many users are staying behind. Today I want to give you a few tips. Read more »

Visit our website to download a 30 day trial of Scrutinizer

Join the NetFlow Developments group on LinkedIn.