Recently we created a bunch of new NetFlow reports for the exports and a solution for NAT Session Logging was one of the goals. This is not the first time we have created reports for this. We have also created NetFlow NAT Reports for:

• Palo Alto NetFlow exports
• Cisco ASR NetFlow exports

If you need help with your Cisco ASA NetFlow Configuration using ASDM there are some great “how to” videos on youtube.com. Reporting on NAT with NetFlow is sure to improve your network traffic monitoring efforts.

We also created some nifty reports that display the ACLs violated.

Let us know if you need any help setting all this up.

Visit our website to download a 30 day trial of Scrutinizer

Join the NetFlow Developments group on LinkedIn.

NetFlow has come a long way in the last few years.  For example, here’s a list of some new information that can now be monitored and filtered on by exporting NetFlow or IPFIX packets from your routers, switches, and firewalls.

•    Medianet
•    Host/Application Latency
•    VoIP with Caller ID
•    Configuring Cisco ASA NetFlow Exports
•    NBAR
•    URLs
•    Mac Address and VLAN

Now that’s a whole lot of information that you can get from your NetFlow Analyzer!

So what is all this new information?

Read more »

Visit our website to download a 30 day trial of Scrutinizer.

Join the NetFlow Developments group on LinkedIn.

Our Product Manager, Michael Patterson, has recorded another great video about configuring NetFlow exports on the Cisco ASA Firewall using ASDM.

Read more »

Visit our website to download a 30 day trial of Scrutinizer

Join the NetFlow Developments group on LinkedIn.

So, have you asked yourself, should I upgrade to Flexible NetFlow?  And if you have, has the next question been, why?

Here are 10 reasons for using Flexible NetFlow over NetFlow v5.  We posted a blog some time ago on What is Flexible NetFlow (FnF)  that might be helpful to those not familiar with FnF.

Read more »

Over  the last few weeks I have taken a number of support calls from customers who were looking for some assistance configuring their Cisco ASA. So I figured that I would take this opportunity to revisit some older blog subjects.

In my opinion, the easiest way to get NSEL exporting from these security appliances is through the use of the ASDM interface. This simple, GUI-based firewall management tool allows you to quickly configure the Cisco ASA without having to use the cumbersome command-line interface.

Read more »

I was talking with our newly appointed Pre-Sales Support Specialist, Scott, the other day when we realized that we don’t have a NetFlow Glossary blog, so I wanted to take this opportunity to consolidate some resources and highlight some of the key NetFlow terminology that we find ourselves talking about on a daily basis.

NetFlow Terminology:

Bidirectional Flows
Flexible NetFlow
Ingress vs. Egress
Interface 0
ip-flow timeout active 1
IPFIX
ip route-cache flow vs. ip flow ingress
NBAR
NetFlow Collector and Analyzer
NetFlow Exporters
NetFlow Options Templates
NetFlow Probe
NetFlow Replicator
NetFlow v5 vs. v9
NSEL
sFlow

Read more »

Visit our website to download a 30 day trial of Scrutinizer

Join the NetFlow Developments group on LinkedIn.

What’s your favorite color? Chances are that your favorite color is not the same as mine. When you use Windows, are you a fan of the old classic view, or do you go for the new Windows look?

We have all been talking about Plixer’s NetFlow analyzer, and how it provides the best in traffic analysis, with its ability to support Flexible NetFlow, NBAR, and Cisco ASA NSEL. But did you know that as a Scrutinizer user, you have different options when it comes to how you want our NetFlow and sFlow Traffic Analysis Tool to look?

Currently there are 5 different skin types available to select from. They are configurable on a per user basis. So if you are in a dark kind of mood, you can change to a dark skin with either green or yellow text.

Read more »

Yes, you can use NetFlow to monitor traffic and bandwidth usage on an ASA.

One of the primary uses for NetFlow on a Cisco ASA is as a transport protocol for security events. But if you are using the right NetFlow Analysis tool, you can also analyze traffic using NetFlow sent from the Cisco ASA.

This is really important as I have seen many companies that have remote sites that are connected with a Cisco ASA, but had no devices behind the ASA’s that supported NetFlow. This meant that they couldn’t leverage NetFlow to analyze traffic.

Read more »

Visit our website to download a 30 day trial of Scrutinizer

Join the NetFlow Developments group on LinkedIn.

A few months ago Nathan invited us to take a deeper look at NSEL. NSEL is the NetFlow exported from an ASA Firewall. He showed us how to enable and configure ASA for NetFlow.

Traditional NetFlow records upstream and downstream traffic between two end points as two different flows. In the case of an ASA device, most bidirectional flows are already assembled internally and are considered a single flow. So the flow records reported by NetFlow on an ASA Firewall will describe both directions of the flow.

Today I am going to do brief overview of what each of the templates is telling us.

Read more »

NSEL (NetFlow Security Event Logging) is the type of NetFlow exported from an ASA Firewall. The purpose of NSEL is to track firewall events via NetFlow and to have a summary of all conversations associated with that event type.

The three most popular event types that trigger a NetFlow record are:

                                            * flow-create
* flow-denied
* flow-teardown

Read more »