“Does my WatchGuard firewall support NetFlow?” Customers who have WatchGuard firewalls have asked me this question many times over the years.The answer is YES! We can finally put WatchGuard on the list of firewalls that support flow technologies. … [Read more...] about WatchGuard NetFlow Configuration
Using Host Indexing to Investigate IP Addresses
I want to introduce you to a very cool, very powerful search function for investigating IP Addresses.We talk all the time about how NetFlow and IPFIX technologies fit very well in the behavior analysis side of a layered security solution.NetFlow is a … [Read more...] about Using Host Indexing to Investigate IP Addresses
Palo Alto Networks: NetFlow Reporting and Username Correlation
A few years ago, I wrote a blog that talked about how our Palo Alto NetFlow reporting allows network administrators to easily identify traffic trends occurring on the network. The application and username correlation reporting has proved to be extremely value … [Read more...] about Palo Alto Networks: NetFlow Reporting and Username Correlation
Monitoring SD-WAN Traffic with NetFlow
Many businesses have, or are thinking about replacing their MPLS network infrastructure with Software-Defined Wide Area Networks (SD-WAN). They want more flexible, open, cloud-based, and cheaper WAN technologies. SD-WAN can provide this. In this blog I’ll talk … [Read more...] about Monitoring SD-WAN Traffic with NetFlow
Username Reporting – NetFlow Integration with Cisco ISE
Traditionally in networking, we track down end systems by searching on IP addresses. Although this is a great way to narrow in on an end system, what do you do if the IP address changes? Would you benefit if you could associate the host IP to an actual … [Read more...] about Username Reporting – NetFlow Integration with Cisco ISE
Cisco Catalyst 9300 NetFlow Configuration
One device that I am beginning to see a lot more of at my customer sites is the Cisco Catalyst 9300. I figured that I would take this opportunity to walk through the Cisco Catalyst 9300 NetFlow configuration, and provide a sample reference document for … [Read more...] about Cisco Catalyst 9300 NetFlow Configuration
Configuring Flexible NetFlow to Monitor Network Activity
Over the past few weeks, I have taken a number of support calls from customers who were looking for help with their Cisco router Flexible NetFlow configuration. There were many times where the customer set up the record, but they did not build it to get the … [Read more...] about Configuring Flexible NetFlow to Monitor Network Activity
How to Set Up Enhanced Wireless Network Visibility
It has been several years since Cisco introduced wireless NetFlow support on their Wireless LAN Controller (WLC) platforms. Using the Application Visibility and Control functions, this export provided some unique visibility into the wireless network traffic, … [Read more...] about How to Set Up Enhanced Wireless Network Visibility
How to Detect ICMP Tunneling
Are you aware of any data tunneling that might be occurring in your network? Do you think that your network is totally secure? If your company network connects to the internet, there is a very good chance that your business is not safe from all forms of … [Read more...] about How to Detect ICMP Tunneling
Cumulus Networks sFlow Configuration
I have been working with a number of customers recently who use Cumulus Networks sFlow as a means to monitor network traffic.Cumulus Networks designs and sells a Linux operating system for industry standard network switches to deliver networking solutions … [Read more...] about Cumulus Networks sFlow Configuration
Social Media