I know of only two NetFlow training classes available: Lancope University of NetFlow and Plixer’s Advanced NetFlow Training™. Both classes are held in professional training facilities around the country and will certainly familiarize you with the basics. It’s important to differentiate between the two courses as the content is considerably different.
The Plixer Advanced NetFlow Training™ course covers the basics and digresses on what’s new:
- Troubleshooting the network with NetFlow
- Optimizing BYOD & cloud services
- NetFlow Sizing (NetFlow Calculator)
- Finding specific traffic by leveraging filters
- Leveraging identity aware flow data
- Network Access Translation
- Cisco ASA, Catalyst Switches, ISRs and other hardware vendors
- Internal network threat detection with NetFlow
- Tuning behavior algorithms (e.g. DDos, Excessive SYNs, etc.)
- Creating custom monitors
- Hunting through the data, finding a breach, where did it come from?
- Tracking all lateral movements of a threat
- IP host reputation monitoring
- Event correlation and setting notifications
- NetFlow replication
- Scaling NetFlow collection
- Distributed collection
- Flow deduplication and stitching
- Configure Flexible NetFlow
- Generate traffic within the lab
- View resulting NetFlow reports and alerts
- Leveraging new NetFlow and IPFIX technologies
- Performance Monitoring (Medianet)
- Performance Routing
- Performance Agent
- Smart Logging Telemetry
- Cisco TrustSec
Once you complete the Advanced Netflow Training™ Seminar, you are on your way to becoming a NetFlow Knight™.
The Lancope University of NetFlow course covers the NetFlow basics with an introduction to StealthWatch™:
- Gain end-to-end visibility into all application and network traffic across physical and virtual networks
- Gain real-time overview of network usage, network performance and host integrity
- Identify what is actually happening on your network (when and by whom)
- Pinpoint zero-day and unknown threats that bypass perimeter security
- Demonstrate Faster Incident Resolution & detailed Forensic data
- Demonstrate Compliance
- Regain network visibility lost through MPLS migrations
- Pro-actively monitor for threats impacting network performance and application availability
- Profile hosts to specify allowed service usage and alarm on disallowed usage or out of profile conditions
- Gain a better understanding of the impact of new application and service deployments
Source: Lancope.com When you graduate from the NetFlow University you may be on your way to becoming a NetFlow Ninja™!
What is the difference between these two great courses on NetFlow? The Plixer course spends a little time on the basics and moves right into where the NetFlow and IPFIX technologies are today and where they are going. If you have any questions, reach to our NetFlow instructors, as they have experience with both courses.
If you are looking for the answer to the Lancope Vs. Plixer (or Stealthwatch Vs. Scrutinizer) debate, I don’t think there is one. I will say that Lancope StealthWatch tends to focus on threat detection. Plixer is focused on being a complete Flexible NetFlow solution with reporting and threat detection. As of this date and to the best of my limited knowledge, Lancope isn’t involved with most of the Flexible NetFlow innovations like performance monitoring, that are coming out of Cisco.
For a free 30 day trial of Scrutinizer, Download Now!