Defrag your hard drive!

As mentioned in Scott’s blog,  “Getting the most from your NetFlow and sFlow Analysis Tool“, disk fragmentation can be the primary cause for slow performance in running NetFlow reports.

Due to the large volume of data stored when collecting NetFlow packets, disk I/O may already be pushed to the limits on your server.  Add to that a highly fragmented disk drive and you might as well go hang out at the water cooler while you wait for your report to run.

Here’s an example of an extremely fragmented disk:

As Scott mentioned in his blog, “With hard drives, blue is a good thing, red is bad. Ideally we would want to see mostly blue and white.”

But, on the other hand,  if you don’t have anything better to do with your time, if using Scrutinizer has so streamlined your network monitoring that you need to slow your day down a bit, then please, leave your disk fully fragmented and take a break!

Otherwise, if you prefer your Netflow reporting to complete in your lifetime, then defrag!

And in the spare time that you now have to kill, you can monitor excessive Facebook traffic and other odd traffic patterns on your network, or read our blogs to learn how to enable Flexible NetFlow, or give us a call to find out what else our NetFlow solution can do for you.

- Joanne

If you are seeking a good understanding of NetFlow, or a better understanding of how it can be enabled, configured, and analyzed, the “Commercial NetFlow Applications” chapter from the book Digital Forensics for Network, Internet, and Cloud Computing can be a great resource.  Written by Mike Patterson of Plixer International, Inc., the chapter details NetFlow and explains how you can capitalize on its utilization. Read more »

Has your company adopted a social media policy yet?  Social Networking sites such as Facebook, Twitter, and MySpace are increasingly being considered threats for at least a couple big reasons:  security risks and traffic risks.

Use of social medias at work can pose security risks to the company’s intellectual property through an employee’s personal communication habits.  On occasion, attackers assume the identity of someone who hasn’t actually joined sites like facebook.  Then the attacker determines who this person’s friends or schoolmates are and sends friend requests.  Once befriended, the attacker has personal information of users and can make targeted attacks.  Social engineering tactics like this can be very effective, especially when they get users to start sharing URLs leading to malicious sites or spoofs of actual businesses such as your local bank.  In some countries, criminals are not banned from using sites like facebook when they are incarcerated, as The Washington Times recently reported.

Use of social medias at work can also pose network traffic problems for the company.  Read more »

You’re in the market for a NetFlow Traffic Analyzer.  What are the key features that you’re looking for?  What makes one NetFlow analyzer stand out from the rest?  Do you have a list of “must haves”?

Such as support for Flexible NetFlow, IPFIX reporting, portable network maps?  How about automated NetFlow configuration on your routers and switches?  Is customization of the web interface important to you?  Multiple language support critical?
Read more »

For most of the last year I have been working as a member of the  Technical Support Team here at Plixer International. But as of July 1st, I have moved from Technical Support to a Pre-Sales Support role on the Sales Team. In my new role I will be responsible for providing technical support for all pre-sales/evaluating customers.

I just want to say that it has been a pleasure working with the many customers that I’ve talked to over the last year. I wish you all much success in your Network Admin/IT endeavors.

If you are new to the NetFlow technology, I would welcome the opportunity to demonstrate the benefits of using NetFlow and our network analysis tool to open windows into what is going on over your network. The following information is made available via the flow packets: source IP address, destination IP address, source port number, destination port number, protocol type, type of services, and the router input interface.

Exporting flows to a NetFlow collector provides a deeper level of detail that was up to this point unavailable in network management. This type of information has proven invaluable in detecting worms, port scans, DDoS attacks, and other security threats and network misuse.

Read more »

Okay, back to the basics. We’ve been working with Cisco NetFlow technology for many years now, but what is NetFlow?

NetFlow is a traffic profile monitoring technology developed by Darren Kerr and Barry Bruins at Cisco Systems, back in 1996. At that time, network monitoring mostly consisted of seeing how much traffic was traversing your network, but did not include what that traffic was.
Read more »

At the support desk we often get asked questions about NetFlow technology and what, if any, performance impact enabling NetFlow will have on their routers or switches.

Cisco® NetFlow technology is an embedded feature within Cisco IOS routers and high end switches. NetFlow data records consist of information about source and destination addresses, along with the protocols and ports used in the end-to-end conversation. The NetFlow feature set allows for the tracking of individual IP flows as they are received at a Cisco router or switching device.

Network administrators can use the NetFlow flow records for a variety of purposes, including accounting, billing, network planning, traffic engineering and user or application monitoring.

Many customers who are new to NetFlow are naturally cautious about introducing it into their network. They need to understand the potential performance impact of enabling NetFlow before they are willing to deploy it. Cisco has released a NetFlow Performance Analysis paper that examines the CPU impact of enabling NetFlow services in various scenarios on several different Cisco hardware platforms.

Before you get too concerned about what the report is showing, look at those flow numbers. They represent a ”worst-case scenario” in terms of the traffic flows seen by the routers, and the results must be viewed in that context.

Now that you have decided to enable NetFlow on your routers and switching devices, it’s time to put that flow data to work for you.

Let us show you how our NetFlow and sFlow Analysis Tool provides the best custom reporting engine on the market today, supporting leading edge technologies like Cisco ASA, Flexible NetFlow, IPFIX, and NBAR.

Give me a call – (207)324-8805

-Scott

Why do you want to know what is going on in the traffic flow of a network?

What’s the point?

Why doesn’t utilization alone cut it?

Network Administrators don’t typically have a lot of time on a day-to-day basis. There is always some fire to fight, some network or user issue that comes up. Most times your juggling more than one issue at a time. So you find yourself spending most of your time trying to keep the network running and the users happy.

A Network Administrator’s abilities are only as good as his awareness of what happens on his network.

Monitoring and maintaining your network traffic and bandwidth utilization used to be an overlooked aspect of your job. But evolution of technology has changed the makeup of networks everywhere and has forced network managers to include Flow analysis and monitoring in their network management strategies.

Network Flow Analysis is the art of studying the traffic on a computer network. It is the  industry-standard method of collecting and recording network traffic. Flow analysis lets you see what types of traffic passed between hosts, without having to reproduce the problem.

Read more »

Since NetFlow is an important part of our business model, one of my jobs is to make sure we are on top of where the NetFlow industry is going.  Although I have no crystal ball to forecast where I think Cisco is headed with the technology, I can speculate where the technology is going based on features I have already seen Cisco and other vendors deliver on. Read more »

The question is, how do you integrate the network management application that you have been using forever and the NetFlow traffic monitoring application data that you have recently installed?  NetFlow collection, as we have all learned these last few years, provides more and more insight into not just how much network traffic you have, but what that traffic is.

So we need to be able to seamlessly move from one application to the other.  If your NetFlow traffic analyzer is Scrutinizer version 7, then the following information should be of great interest to you.
Read more »