NetFlow data provides great insight into network traffic; however, due to its volume, if the right analysis tool is not being used, some critical network health information can stay hidden. I’ve seen NetFlow collectors that receive over 3000 flows per second from dozens and sometimes hundreds of devices. With this kind of flow volume you need an application that goes beyond reporting so that you don’t spend time staring at utilization graphs, protocols and thousands of IP addresses.
You need a Netflow Analyzer that detects and alarms on behaviors that could compromise the health of your network. Most admins actually dig into NetFlow data only when they are looking for what’s causing network problems. What if issues were detected before anyone complains so that proper precautions are taken? That’s why in this blog, I would like to focus on one of the most important functions of Flow Analytics:
NETWORK BEHAVIOR ANALYSIS: Flow Analytics is the network behavior analysis component of the NetFlow and sFlow Analyzer. It constantly monitors all flows for behaviors that could negatively impact the network:
  • Networks scans,
  • Illegal IP addresses,
  • Peer to Peer (Ex: bitTorrent),
  • Internet Threats,
  • Null Scan,
  • DDoS attacks,
  • Excessive multicast traffic,
  • RST/ACK worms,
  • etc...

Threats Overview Gadget Image

It interrogates every flow from every host from selected flow exporting devices for suspicious patterns and anomalies. All flows across selected flow sending devices are monitored at all times. It also allows you to set inbound thresholds on your reports and it alarms whenever these thresholds are violated. For every detected attack it tells you who was the attacker, and with a single click you can open a report on all the activities of the offender for the last hours.
I hope I’ve convinced you to use a traffic analysis tool that actually does analyze the traffic. Please feel free to contact me if you have any questions.
Dale Locke author pic

Dale

Dale Locke is the Regional Manager for the southeast US at Plixer. He works with prospects to solve the unique needs of their network and visits existing customers to assist with training. He enjoys developing new partnerships and building long lasting relationships with his clients. Dale's favorite hobbies include fishing, hiking, soccer, and football.

Related

Leave a Reply