High volume NetFlow Collection usually can’t be attained by simply placing the NetFlow collector on beefier hardware. It requires understanding of the protocol, the preprocessing necessary to meet the demands of the front end, tweaking memory, optimizing database settings and of course powerful hardware.
Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

In Part 3 of the NetFlow Overview series, I will be discussing the NetFlow Template Flowset.  In Part 1 I covered NetFlow basics, and then Scott addressed NetFlow Packet headers in Part 2 of this series.

The following definitions are taken from Cisco’s NetFlow Version 9 Flow-Record Format whitepaper.

Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Welcome to the first installment of our NetFlow v9 Overview, beginning (of course!) with NetFlow basics.

What is NetFlow?

A network flow is defined as a unidirectional sequence of packets between given source and destination endpoints.  Traditional NetFlow uses a 7-tuple of source and destination IP address, transport layer port numbers, IP Protocol, Type of Service (ToS), and the input interface port to uniquely identify flows. Flexible NetFlow (FNF) is a ground-up rewrite of NetFlow which allows the user to customize the NetFlow tuple to include (or exclude) a nearly infinite amount of different fields.

Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

This is a conversation I find myself having more and more lately so I thought it would make sense to discuss in detail just exactly how security information management systems (SIEMs) and NetFlow are related and why SIEMs are a poor choice for NetFlow collection.

Read more »

Top 3 reasons for setting up Virtual NetFlow?  What is that all about?

It is about the top 3 virtual server solutions that provide NetFlow support: Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

System requirements for a NetFlow collector are a lot higher than the average program. While I am still the “new guy” in support I am already seeing some trends here at Plixer. The majority of cases I have been working with involve servers that seem to run slow despite being on top of the line equipment. Nearly every time this issue comes up it is caused by an improper hard disk configuration.

One of the most overlooked NetFlow Collector System Requirements that write heavy database servers have is disk IOPS (Input/output Operations per Second). You have to remember that a spinning disk is very limited on how many writes it can make at any given time, and if the collector cannot write to the disk fast enough it can cause a lot of problems.  This has been the root cause of a lot of slow NetFlow collectors.

Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Network Performance Analysis in a virtualized environment like VMware can be a tricky beast as often times everything is encapsulated using GRE tunnels between virtual switches.  What can we do? As luck would have it, most virtual switches support Netflow. Yes, vSphere NetFlow support is available. Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Are you in need of a Cisco NetFlow collector for network traffic analysis? Do you have an overwhelming amount of traffic on your network, but no way to tell who is using all the bandwidth? You’ve come to the right place! Our NetFlow reporting tool has the most flexible reporting engine available, so you can always find the flows you’re looking for.

Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

In this blog I want to talk about enabling NetFlow on a VMware ESX. Netflow support has now been added to vSphere 5; by configuring your virtual switch to send NetFlow statistics to a netflow Analyzer you gain visibility into your virtual infrastructure. To be more specific, you will be able to monitor:

• VM to VM traffic on the same host
• VM to VM traffic on different hosts
• VM to devices outside the virtual environment.

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Are you looking to setup Smart Logging and Telemetry NetFlow (SLT) exports or to report on them? This blog covers how to enable SLT NetFlow exports.

Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!