We are one of the first vendors to add A10 Networks IPFIX support. Apparently the AX Series hardware that includes support for dual stack lite also provides support for NetFlow v10 (IPFIX). If you want to try it out, it is available as of ACOS 2.6.6-P4.

Thunder TPS IPFIX Support was added as well. This product line of Threat Protection Systems provides high-performance, network-wide protection against distributed denial of service (DDoS) attacks, and enables service availability against a variety of volumetric, protocol, resource and other sophisticated application attacks.

Hardware from A10 Networks supporting IPFIX

IPFIX Vs. sFlow

A10 Networks is falling in line with nearly all other major security vendors that are supporting IPFIX. Vendors supporting IPFIX include but are not limited to Barracuda, Bluecoat, Cisco, Fortinet, IBM, Juniper, Solera and SonicWALL. Many of these vendors also support the less popular and proprietary sFlow technology which is limited to packet sampling. For this reason, in most cases sFlow is only good for determining the top 10 applications and hosts. It usually can’t be used for malware investigative response because it almost never captures all of the data you need to look at. IPFIX on the other hand, captures 100% and is based on Cisco’s NetFlow v9 technology.  Last summer it became the official IANA standard! Good news, IPFIX includes all of the sFlow capabilities.

Look for exciting new reports from your network traffic analysis system that is capable of collecting IPFIX and reporting on the unique elements exported in the flows. Some vendors like Cisco, SonicWALL and Plixer include the URL or domain when they export IPFIX. The sFlow technology has no reliable way to support the export of these details.

IPFIX is the Official Standard

More companies are adopting IPFIX for several reasons:

  1. It provides the greatest insight into the traffic passing through the device. Short of disrupting service and inserting a packet probe on every link of the network. IPFIX provides 90% of the visibility needed to determine what is using the connection.
  2. IPFIX exports the data to a collector which can be called upon in times of Malware Incident Response. Every IPFIX capable device on the network is a type of video camera catching and exporting details about everything passing through it.
  3. IPFIX allows vendors to export details about whatever they want. Latency, packet loss, retransmits, URLs, TCP window size, jitter, codec, etc., vendors can export any detail they want in order to provide greater traffic insight to the customer.  This could also give them a competitive edge.

A10 Networks IPFIX Bottom Line

Our collection system is 100% compatible with the A10 Networks IPFIX export. If your team needs help configuring the A10 Networks hardware to export IPFIX, give us a call. We can help you get it exporting the correct data and soon you’ll be reporting on all the juicy details.

Jamie Lee

Jamie Lee

Jamie Lee is Regional Manager for West coast at Plixer. He works with prospects solve the unique needs of their network and goes onsite visiting existing customers and assist with training. He enjoys deveolping new partnerships & building long lasting relationships with his clients. Jamie loves the outdoors and favorite hobbies include fishing, hiking, and football.

Related