Best at NetFlow solutions should provide value way beyond NetFlow Reporting. As a leader in Flexible NetFlow analysis we recognized this need years ago when we put together the architecture for Flow Analytics. Most people use a NetFlow Analyzer to look for problems when someone calls with a connection issue. Read more »
Michael Patterson
Why do you want to know what is going on in the traffic flow of a network?
What’s the point?
Why doesn’t utilization alone cut it?
Network Administrators don’t typically have a lot of time on a day-to-day basis. There is always some fire to fight, some network or user issue that comes up. Most times your juggling more than one issue at a time. So you find yourself spending most of your time trying to keep the network running and the users happy.
A Network Administrator’s abilities are only as good as his awareness of what happens on his network.
Monitoring and maintaining your network traffic and bandwidth utilization used to be an overlooked aspect of your job. But evolution of technology has changed the makeup of networks everywhere and has forced network managers to include Flow analysis and monitoring in their network management strategies.
Network Flow Analysis is the art of studying the traffic on a computer network. It is the industry-standard method of collecting and recording network traffic. Flow analysis lets you see what types of traffic passed between hosts, without having to reproduce the problem.
The other day I took an interesting call from a customer who was concerned because he was suddenly seeing his flows per second count almost double. He had just upgraded his Scrutinizer NetFlow and sFlow traffic analysis application to the latest version and he thought that maybe something had changed to cause this to happen.
I assured him that nothing in the Scrutinizer upgrade would have caused him to see his flow count increase. And after talking with him, I learned that he had also just upgraded the IOS on his routers.
Were we looking at some kind of a ”perfect storm“ scenario?
Of course not!
Consider this – customer calls in and says that a workstation on his network was scanning their entire corporate network and how can he be alerted on this type of behavior? The behavior wasn’t exactly malicious, but rather that someone had installed an inventory application on their desktop which scanned their entire network with snmp scans.
So, no, it wasn’t malicious activity, but that sort of network monitoring also was not authorized for that individual on their network.
Using Scrutinizer NetFlow and sFlow Analyzer, he asked how he could detect that sort of network traffic.
Read more »
The following article, “Scrutinizer Brings Flow Analytics to SMBs“, written by David Diaz, was recently featured on TechCrunchIT.
David points out that with the low initial cost for Scrutinizer NetFlow & sFlow Analyzer, it is a very affordable Flow Analytics solution for small and medium-sized businesses.
This flow analysis tool can also be deployed centrally and accessed globally via the web interface. What this means is that one install of Scrutinizer can provide network management information for your entire network and accessible by everyone on the network management team, regardless of geographical location.
The top security threat in enterprise environments during the first half of the year was the Conficker worm, Microsoft says in its Security Intelligence Report (SIRv7), which covers the first six months of 2009. Read more »
Michael PattersonMany companies are primarily concerned with Internet security threats. I feel that majority of security threats are derived internally. According to Forrester Research, the majority of security breaches involve internal employees, with some estimates as high as 85 percent. Read more »
Michael PattersonOptimization of the network often starts with removing traffic that doesn’t need to be there. This topic has been a growing concern for several years. Just ask google.com:
Is your network compromised? Network scans, illegal applications? Want to view the top ten Conversations across your network? How about setting DNS resolution to occur automatically on a regular basis? Or send a syslog when a set threshold is exceeded based on criteria set in a saved report?
With Scrutinizer v7 and Flow Analytics as your network management tool, all of the above can easily be managed and reported on.
Reporting on traffic impacted by Cisco WAAS using NetFlow requires the use of egress flow in NetFlow v9. Consider the diagram below where the traffic going in on interface 1 should be compressed by WAAS before it leaves on Interface 3:
