maxdog0099
asked on
Does the ASA 5510 and ASA 5520 support NetFlow?
I'm having a hard time finding any information on whether the ASA 5510 and ASA 5520 support NetFlow.
Nope.
ASKER
Thanks everyone for the responses. I didn't feel that netflow was supported, but could not find any supporting .docs or links to state that...
aconaway, thanks for the link. It looks like with the 5580 they have released a new level (8.1) of ASA software which now does include NetFlow. The next question is will the other ASA boxes get support for 8.1 and NetFlow? I guess as Cisco releases more info we will find out.
NetFlow in a firewall is rare (does it even exist anywhere else?), but you'd think it would be helpful for a lot of people. I imagine the NATting and CPU requirements make it very difficult to implement and run without doing huge rewrites and a huge processor upgrade.
I think I'd pay for it, though, just to have that functionality. :)
While it's not NetFlow, the ASDM 6 and IOS 8.0(3) provide a crude way of monitoring where your bandwidth is going.
Go to ASDM - Home - Firewall Dashboard and enable threat detection or enter the lines
threat-detection basic-threat
threat-detection statistics
You'll then have a Top 10 Usage Status Graph that you can use to view Bytes Transferred in the last few hours.
ASKER
Thanks for answering this. I appreciate the help.
The NetFlow feature is a software option, and version 8.1 will get it on all the ASA models, even the 5505.
Scrutinizer is free and it supports NetFlow from the Cisco ASA Firewall:
http://www.plixer.com/products/netflow-sflow/free-netflow-scrutinizer.php
Here is how to configure it:
http://www.plixer.com/blog/netflow/netflow-security-event-logging-with-the-cisco-asa/
Mike
According to Cisco:
"The feature was introduced in ASA 8.2.1/ASDM 6.2.1. For information on the feature itself, its functionality and limitations you can read here. The document below presents how to use ASDM to configure the ASA to send NetFlow information to the NetFlow collector."
This leads me to believe that any ASA that can run those versions of ASA/ASDM can run/support NetFlow.
https://supportforums.cisco.com/docs/DOC-6114;jsessionid=AB591CDEAFF6B779924BAC90890BEF10.node0