Cisco NetFlow and Flow Analytics, an add-on for Scrutinizer NetFlow Analyzer, can help track unwanted applications on your network.

Using the updated Top Applications algorithm and gadget available in Flow Analytics v2, you can see at a glance all unwanted applications. If an application is not in your “allowed list”, it will be highlighted in yellow.

top-applications

Let’s look at the traffic generated for the here-lm application. By clicking on the application name (here-lm in this example), the following window will open:

top-applications-2

From this window, we can get the Interface and Src Address of the flow conversations, and drill down further by clicking anywhere on the line. We’ll click on the line circled in red which opens this window:

top-applications-3

Now we can see the flow detail for this conversation to determine when this traffic was generated and by whom.

This is just one of many examples of the information available in Cisco NetFlow packets. If you’re not yet monitoring Cisco NetFlow on your network, it is certainly worth checking out. There are many free NetFlow analyzers available on the market, including Plixer’s Scrutinizer Free Edition.

Joanne Ghidoni author pic

Joanne Ghidoni

Joanne is a Software Quality Assurance Engineer at Plixer. She has also held positions as Technical Support Engineer and Sales Engineer since joining Plixer in 2005. Prior to joining Plixer, Joanne has had numerous positions in the IT field, including data entry, computer operator, PC coordinator and support, mainframe programmer, and also Technical Support and web programmer at Cabletron Systems. In her spare time, Joanne enjoys traveling, always seeking out new and interesting places to visit.

Related

Leave a Reply