Security Operations Archives

Define Cisco NBAR Applications: NetFlow Reporting

04.25.12 - Scott

Do you know how to define your own Cisco NBAR applications?

In today’s networks, application recognition is no longer one of those ‘nice to have’ options when it comes to traffic monitoring, it is a necessity.

Many vendors are now exporting application definitions in their flow exports.

Using NBAR, applications like H.323, Telnet, RTP, Exchange and Skype can all be identified. Additionally, if you are running IOS release 15.1 or higher, can be exported in NetFlow exports.

On a call last week, a customer was looking at various NBAR reports, and seeing a significant amount of traffic showing up as “unknown”, and was wondering what this traffic was and what was the best approach for handling it.

The best way to reduce the amount of “unknown” traffic is twofold.

NetFlow

Gartner Magic Quadrant: SonicWALL – IPFIX

04.18.12 - Jamie Lee

SonicWALL OEMs Plixer’s Scrutinizer for NetFlow and IPFIX Reporting and lands a top spot in the Gartner Magic Quadrant under the Unified Threat Management (UTM) category. Read more

Network Operations

Adtran NetFlow Analyzer

04.11.12 - Dale

Now that you know AdTran supports NetFlow, you need an AdTran NetFlow Analyzer. With the implementation of the Integrated Traffic Monitoring feature in AOS products, AdTran takes network traffic monitoring to a new level. You just need the right NetFlow reporting tool.

Our NetFlow application provides an incredibly high level of AdTran NetVanta NetFlow data analysis capability. It allows you to: Read more

Network Operations

Catalyst 4948E NetFlow-Lite and IPFIX Support: NetFlow Monitor

04.09.12 - Jamie Lee

PSAMP is what allows the Catalyst 4948E to support NetFlow-Lite and it is the first switch from Cisco to support IPFIX. This feature demonstrates Cisco’s commitment to IPFIX, a protocol slowly gaining ground on Cisco’s NetFlow in popularity. The main difference being that IPFIX is the proposed flow standard in RFC 5101 and 5102. Did you know that Cisco is one of the major proponents of IPFIX? Read more

NetFlow Analyzer

Monitor BYOD Traffic: NetFlow Reporting

04.05.12 - Michael

Most companies are taking the position that BYOD (Bring Your Own Device) is allowing businesses to gain more productivity from their work force. Because of this, Mobile Workers are on the rise and it is creating a new IT challenge. “Certain bring-your-own-device strategies present certain security risks: the introduction of mobile malware onto a hospital network, for example,” said Lynne Dunbrack, IDC Health Insights program director. Some hospitals embracing BYOD, are restricting BYOD devices to Internet access only. Why? Read more