Our Network security solution is a leader in cutting edge NetFlow collection innovation; here are top 13 features you should know about:

1. Chosen by Cisco to support their most innovative Flexible NetFlow technologies.  The “Medianet 2.2 Deployment Guide”   can be found on page 7,8,10 & 11.  We were the first to support Cisco Performance Monitoring (PfR) FnF exports which help secure that business related traffic receives priority. Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Earlier this year Barracuda Networks enabled IPFIX support on their NG Series firewalls. This export provides great visibility into your network traffic as well as network Threat Detection.

Let’s take a moment to go over the configuration to get these exports going:

Read more »

Scott Robertson
Sr. Solutions Engineer

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Network Address Translation reporting is now available from NetFlow exported from the Cisco ASA.

The traditional NetFlow reporting that can be done from the Cisco ASA is great. But have you noticed that when your firewall NATs an address, it becomes the source or destination within your flows, and thus makes NetFlow a lot less useful.

How can you tell who this conversation is going to when the destination address is NAT’d?

We are one of the only flow analysis technologies that can currently report on the non-traditional,  unique NSEL elements being exported, such as username, NAT, ACLs, and event codes.

Read more »

Scott Robertson
Sr. Solutions Engineer

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Just discovered, FatPipe NetFlow support is available on FatPipe’s WARP 5.2 high-speed clustering device. We are in the process of checking out this export to see if they are exporting any additional information beyond the NetFlow v5 tuple. I’m sure the developers at FatPipe are discussing exporting IPFIX to report on their patent pending SmartDNS and Inbound line failover, as well as their WAN optimization. As WARP is currently exporting NetFlow v5, Scrutinizer supports their export. Read more »

- Thomas Pore

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

How do you configure your NetScaler to gain insight into your network using AppFlow and an advanced NetFlow analyzer to collect user-session level information? This information is invaluable for application performance monitoring, analytics, and business intelligence applications.

 

 

 

 

Read more »

Scott Robertson
Sr. Solutions Engineer

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Do you know how to define your own Cisco NBAR applications?

In today’s networks, application recognition is no longer one of those ‘nice to have’ options when it comes to traffic monitoring, it is a necessity.

Many vendors are now exporting application definitions in their flow exports.

Using NBAR,  applications like H.323, Telnet, RTP, Exchange and Skype can all be identified. Additionally, if you are running IOS release 15.1 or higher, can be exported in NetFlow exports.

On a call last week, a customer was looking at various NBAR reports, and seeing a significant amount of traffic showing up as “unknown”, and was wondering what this traffic was and what was the best approach for handling it.

The best way to reduce the amount of “unknown” traffic is twofold.

1. Read more »

Scott Robertson
Sr. Solutions Engineer

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

The other day we solved a unique customer problem when we figured out that we could monitor IP SLA with Flexible NetFlow instead of SNMP.

What was the problem?

The customer wanted to monitor latency using Cisco Medianet Performance Monitoring but, because the round trip time (RTT) is only calculated during the initial TCP hand shake and then stays up all day, a continuous latency reading could not be obtained.

Read more »

Scott Robertson
Sr. Solutions Engineer

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

has been improved in some of the latest VC 6.x releases. I worked on a NetFlow reporting issue with a VC 6.0 user in the past trying to figure out why his NetFlow Analyzer was not showing the expected amount of traffic. We used Wireshark and found that a large number of flow packets were being exported without flow data, therefore were useless and discarded by the collector. Since he upgraded to VC 6.2, he was able to see all his traffic.Vyatta now supports MAC addresses, as seen in the image below! Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

NetFlow reporting is about more than reporting on top x (e.g. Hosts as shown below). Scrutinizer has the most canned reports over every other Netflow Analyzer on the market. In fact, we have so many that we had to add logic to version 8 so that certain reports (e.g. NBAR Reports) don’t show up unless the NetFlow / IPFIX collector is receiving the necessary fields in the NetFlow templates.

Read more »

Michael Patterson
Founder and CEO

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Today I wanted to give a little introduction to traffic monitoring that uses NetFlow technology; I will be focusing on what is involved in setting up a NetFlow traffic monitoring system. Most of these systems have three major components, the most simplistic would have: a NetFlow exporter, a Netflow collector, and finally a NetFlow analysis software.

A. Exporter: It is any network device with NetFlow exporting capability. An exporter gathers traffic information in UDP packets, and sends them to a server were the traffic information is stored and analyzed. It could be a router, a switch, or a software based routing appliance that can be configured to send NetFlow . If you are using Cisco you might want to check in the following list to see whether your devices are in the series that supports NetFlow. Read more »

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!