We just released the new Scrutinizer 7.0 and finished shooting the new NetFlow Rap video. Things have been crazy here at work.
I just saw a tweet asking how NetFlow is handled on the ASA. Since Scrutinizer handles the flow from the ASA, I though I would post the information I have from Cisco explaining how NetFlow is handled in the ASA.
With the impending arrival of Scrutinizer version 7, Mix Master Mitch, not being one to rest on his laurels, has been working hard on new material. Due to the overwhelming support for the original NetFlow Rap, a followup was all but guaranteed.
Mitch, who still remains grounded after signing an exclusive deal with Plixy Plix Records for an undisclosed amount, has been spending many late nights creating phat beats for his new single.
I use Wireshark all the time. In general, I just scratch the surface by using it to test whether or not NetFlow is coming into Scrutinizer.
Golden Rule: Using an external third-party application, like Wireshark, to test connectivity helps establish credibility in any situation.
Most people whom I speak with have a general understanding of what a packet capture is. The problem is, they don’t know how to gather or use the data once they have obtained it. So I thought I would do a little homework and find some resources that provide some basic Wireshark training for the busy IT professional.
Plixer International is proud to present the YouTube debut of Mix Master Mitch’s first single, “NetFlow Rap”.
Enjoy!
Lyrics
Workin’ in IT’s a breeze
Got my chair back, feet up, crossing my knees (cuz I’m feelin’ it)
Got the collector running data, it’s reelin’ it
Writing data to mySQL, there’s no sense concealing it
Because I got it Scrutinized
A Big Mac, super sized
Just spent 9 grand, now all my NetFlow’s analyzed
Finally realized I needed a tool
Called up the Plixer and they took me to school
Engineer’s on site, and if that wasn’t enough
Even set me up to integrate their stuff with WhatsUp
Tables charts and graphs galore
Signed up for the webinar and learned that there was even more
Now I can run a report
And find out which cohorts are busy building heavy forts on my ports
Check my Top Conversations every single minute
Now when there’s a network battle, instantly I win it
There’s not another tool on the market to top this
I got a group and a flash map for every office
Now when I’m off eating crawfish
An alarm is set off, and I will know, so I can instantly stop this
So go to triple dub dot plixer.com
And download it off the web – don’t need a CD-ROM
So get a demo let them show you the tool
Cuz nobody thinks its cool to be the “I don’t know fool”
Go go to Plixer and they won’t steer you wrong
Then you too could sit back and listen to this song
But if you don’t go, I won’t be help responsible
When you get busted by the network constable
So just download and play today
They even have a free version if you don’t want to pay
Case in point, get your network fixed
And I know just the guy to do it, it’s the plkixey plix
You need this, in any given network today
Don’t know how you’ve been livin’ with no NBA
If every day you fall victim to performance paralysis
I don’t know why you think you don’t need behavior analysis
So if you’re waitin’, procrastinatin’, hesitatin’, and tool debatin’
You can escape from the fake statement you’re statin’ and makin’
It’s frustrating, making mistakes, because you’re pacin’ and waitin’
For the boss to stop flaking, wake up and stop the budget breaking
So many vowel sounds that now my head is aching
May fall off because it’s loose, just like the feet of Kevin Bacon
But back to the track and the point that I was makin’
Hold up, there’s a phone call that I’m about to be takin’
(hello)
There’s a radio station, somebody listens to it
But there’s an issue because there’s not enough legit bandwidth
We can resolve this real quick, just ran a report and found out that it’s Chris
Went to his cubicle and said Chris what’s this
The T1 is lit, the boss is pissed and pitching a fit
What’s that? How did we find out about it?
With the Plixer Flow Analytics
I spit this, just like a baby spits spinach
Flow Analytics will finish your decision, due to the features within it
Competition watching – chances of winnin’ business diminish
Like they were presidential running mates of Dennis Kucinich.
I’m in an airport waiting for a flight and reflecting on a meeting I had today with a customer to discuss the future of Scrutinizer. One of the many conversations relating to NetFlow and sFlow revolved around blocking Web sites such as Facebook, Youtube, Twitter, CNN, etc., and I think it is a shame. I think nearly everyone would agree that traffic to these networks could mean people are goofing off at work, but not always.
Your business can benefit from YouTube
Marketing departments in the most successful businesses today have recognized and are spending time and resources on these Web sites for something called permission based marketing. These sites are critical to businesses looking to learn more about their consumers, competitors and general interests in and around their respective products.
I’ve witnessed on several occasions employees, including myself, watching tutorials on YouTube to better understand how something works. Imagine, free instructional videos on how to do something. Why would we want to block that? The time these tutorials can save us from learning the old fashioned way can be considerable.
Company policy is usually the best strategy
Company policy should guide end user Internet behaviors; it shouldn’t be used as a tool for over-zealous managers or network administrators to ban the use of the Web. Through this effort, they can be taught to police their own behavior. Put obstacles in their way and they will resent management and look for ways to beat the security.
I love my kids
I have two little girls age seven and eight. When they get into an argument that doesn’t seem to resolve itself I step in and usually say something like, “You need to figure out how to resolve this or you are both going to your rooms.” I think 90% of the time the problem disappears. I feel people should be given the opportunity to govern themselves first.
Related post: Are you analyzing Facebook traffic on your networks?
Michael PattersonFirst it was YouTube, now it’s traffic from Facebook and Twitter that network managers are having to grapple with on 
their corporate nets. Even if you don’t participate on those sites yourself, you are bound to see your users accessing those places at some point. So what’s your company policy for those sites? Are you allowing them or blocking access because they – especially YouTube and other video broadcast sites – take up too much valuable bandwidth?
If the company policy is to block those sites your company could be losing out on using a valuable tool with which to communicate with your existing and potential customers. And for corporate collaboration, internal microblogging services such as Yammer, which focuses on the business market, is invaluable for getting groups updated without having to remember or type each member’s e-mail address.
For external communications, more and more organizations are using networks like Facebook to build community with their customers. If you’re a Facebook user, you can friend giants such as Ford Motor Company and Cisco and network with their friends. And for your career management LinkedIn is a great way to find contacts at old, existing and potential new employers.
However, such social networks aren’t without their risks. Analysts at Nemertes Research advise companies to “pro-actively develop and enforce policies for employee use of public social networking sites that enables legitimate business use while minimizing risk to intellectual property.” Nemertes says more than 54% of respondents to its unified communications and collaboration research said their organizations uses, is planning to use, or is evaluating social networks for internal and external collaboration.
So it sounds like traffic and bandwidth management is going to be key as organizations drive up the use of social networks. And that’s where Scrutinizer comes in handy with its ability to identify bandwith-hogging apps and more.
* If you’re on Twitter, you can follow your Plixer friends Michael Patterson, Scrutinizer product manager, and Tom Pore, Plixer Field Engineer, Marketing Executive, and Network Administrator.
Since the inception of the internet people have been saying that we were on the cusp of a new era in history – a digital age. One where our lives are linked seamlessly via a mass collective of shared information. On January 20, 2009, as Barack Obama was inaugurated as the 44th president of the United States, it became painfully obvious that we are no longer on the cusp of this digital age, but entrenched in it.
Many reports have the worldwide internet usage leading up to the inauguration spiking up some 54%. As President Obama began his speech that number, in the U.S., would reach as high as 60%. While we already know that Facebook can increase network bandwidth, the social media giant, who partnered with CNN to bring a streaming feed of the event to its overwhelming 150 million active users, may have reached new heights in causing congestion. Only five minutes after the inauguration, Facebook was touting over 200,000 status updates (1,000,000 by the end of the broadcast), with an average of 4,000 people commenting on the Facebook CNN feed every minute.
Early statistics show up to 1.5 billion people being expected to watch the inauguration, with many of them doing so via the internet. Akamai Technologies, a leader in the streaming media marketplace, claims tens of millions of viewers watched streams from them at some point during the day. The number of simultaneous viewers reached a company record of 7.7 million at one point.
With the increased usage of online media sources comes an increased stress on corporate infrastructures around the globe. It is now more critical than ever to watch not only the amount of content traversing the corporate network, but the type of content. Although an important moment in American history, it raises the questions, “Is it business critical? How can it impact applications that are crucial for business operations?”
This is obviously an event that many want to be a part of or feel involved in, and the internet certainly makes that possible. But when it comes down to increasing internet usage on the corporate presence to potentially harmful levels, IT managers will inevitably have to make these kinds of hard decisions.
Using available technologies like NetFlow and SNMP to monitor network bandwidth usage can be helpful, because it can tell us if the type or amount of traffic filling the pipes is harmful. When is enough enough?
There’s no doubt that as more and more average users begin to utilize streaming media services from work, the preventative safety measures we put in place become all that much more important to maintaining network stability. While we are trying to keep Facebook and CNN traffic at bay today, tomorrow we will be attempting to block YouTube traffic for those that didn’t watch the event live.
Perhaps it’s time for us all to truly develop a little patience and put our TiVo® to good use.
Since the initial launch of the Flow Analytics add-on module for Scrutinizer, we’ve received quite a bit of praise and commendation for such a solid product. I’m not sure that even we were prepared for the success that was to follow this title.
Coming from the technical standpoint, it’s been interesting to see our product at work on other people’s networks.
During our initial installs, we have found worms, port scans and a plethora of strange behaviors that our customers were not aware of. It even found malicious activity on my own laptop (not going into that again).
But one awesome piece of software deserves an awesome update, right?
With release pending, the 1.1 update is going to bring Flow Analytics to a whole new level that all our customers are going to love!
I’m going to include a couple screenshots that will be sure to get you excited about the new update.
Check it out! With the above new gadget, now you will know what domains are popular on your network. Ever wonder if anyone is using or abusing YouTube or Ebay?
Another really cool new addition: Now you can keep track of where in the world your traffic is being directed. Seriously guys, how much more traffic visibility could you ask for?
These are just two small samples of the new features we’ll be including. On top of that though, we’ve added quite a few more algorithms to ensure that you know whats going on on your network.
I hope you will enjoy this product as much as we have and a big kudos goes out to our developers for all the hard work they have put into another great title from Plixer!
Nate
Hi Everyone,
After coming off almost 2 weeks vacation with plenty of rest and relaxation it’s time to dive back into everything NetFlow, the blood that runs through this company. Before getting immersed in too much work check out this video of me and others celebrating a new years tradition of ice swimming, otherwise known as the Petit Polar Plunge. The air temperature was 10 degrees without the windchill, brrrr.
-Tom PoreJoin us for a couple of webinars on our Flow Analytics tool. Learn how you can take NetFlow to the next level.
Register for a webinar below:
Presented by:
Michael Patterson
Scrutinizer Product Manager
I hope to you can join us.
Jon Mills
Marketing Manager
