How many of you use the ASDM interface of your Cisco ASA to view traffic patterns in real-time? I thought it was pretty slick when one of our customers showed it to me a few years ago. We have since acquired our own Cisco ASA and have started learning more about the Cisco ASA NetFlow exports. Below is a screen capture showing how it can trend the volume of traffic, volume of connections as well as the CPU and memory usage all in real-time.

Real Time Interface Cisco ASA

About a year ago we were contacted by SonicWALL to take a look at their NetFlow exports. After some discussion, they decided to support IPFIX for all of their exports. Within a few months, we had a SonicWALL 3500 and started creating SonicWALL IPFIX reports.

A few months ago, they released a web interface that in some ways is similar to the Cisco ASDM interface.

Real Time Interface SonicWALL NSA 3500

You can find information on configuring the ASA NetFlow Exports and the SonicWALL IPFIX exports on Systrax. Since security and network traffic monitoring are important parts of most businesses, I thought a blog on this was worth a quick read.

Thomas

Thomas Pore is the Director of IT and Field Engineering at Plixer. He developed and leads, the Malware Incident Response and Advanced NetFlow Training programs which are being offered in cities across the USA. He is also an adjunct professor at the local community college and teaches ethical hacking. Thomas travels the globe meeting with customers and trying improve the Scrutinizer network incident response system. He helps clients optimize threat detection strategies and aids in the configuration of custom incident response solutions. He has a Bachelor of Science in Computer Science from Dickinson College.

Related

Big Data

Sankey Flow Graph

One of the greatest benefits of NetFlow collection for traffic analysis, is we’re provided with the ability to visualize the…

Leave a Reply