What’s new in Scrutinizer v7 Cisco NetFlow Analyzer – Part 4

Posted in NetFlow, NetFlow Analyzer, Scrutinizer on July 9th, 2009 by tomp@plixer.com
what%e2%80%99s-new-in-scrutinizer-v7-cisco-netflow-analyzer-%e2%80%93-part-4

Today, I am going to cover five new features available in Scrutinizer v7, as Part 4 of 5 in our “Whats new in Scrutinizer v7″ series. If you will recall, Nathan started this series off by covering encryption exclusions, more flows, collector improvements, group permissions for users, and proxy server configuration. Jon continued with part 2, covering overriding report intervals, Google Map connections, host and application quick search, user profiles, and alarm category filters. Last week, in part 3, Joanne blogged about applications being defined by combination of ports and IP addresses, emailed reports on demand or scheduled for regular time intervals, stacked trend graphs on all reports, LDAP and Active Directory support, and extensive flexibility for VoIP reports. This week I have five features that you’ll use time and time again.

Read more »

-Tom Pore
Follow me on Twitter
Tags: , , , , , , , , , ,

1 Comment »

How to spot IP address violations using Flow Analytics, NetFlow Analyzer

Posted in General, NetFlow, Network Problem Resolution, Network Traffic Analysis, Scrutinizer on April 2nd, 2009 by miltong
how-to-spot-ip-address-violations-using-flow-analytics-netflow-analyzer

Last month, I wrote a blog featuring the value of Flow Analytics entitled: Downadup/Conficker Worm caught by using Flow Analytics, NetFlow Analyzer. Flow Analytics is a great tool that provides you with many useful algorithms. Today, I’ll focus on one of them: the IP Address Violation algorithm.IP Address Violations gadget

The IP Address Violation algorithm allows you to define permissable subnets/ CIDR across your network. (Exp. 10.1.0.0/16). The IP Address Violation algorithm can alert you, via exported syslogs, if there is traffic generated from an IP address that is not part of an allowed subnet defined within the gadget. For example, this gadget would come in handy if someone installed a Linksys wireless router on your network that started to hand out DHCP addresses, or even a laptop with a static IP.

Here are some instructions on how to configure approved subnets for your network.

First find the Flow Analytics Overview gadget in your MyView window, then click on the plus sign where it says IP Address Violations.

In the drop-down row, click on the icon with the little people in it. (Guess we don’t have an official name for that icon.) A window will pop up called Allowed Permissable SubnetsSubnets where you want to place the subnet and CIDR you want to allow on your network.

If you have any questions, please do not hesitate to call Tech Support at 207-324-8805 Ext:4

Milton

Tags: , , , , , , , ,

Leave A Comment »