Solved

NETFLOW requirements

Posted on 2011-09-19
2
311 Views
Last Modified: 2012-05-12
Hi,

we are planning to install a Netflow server but i dont have any knowledge about Netflow.
What is the basic pupose of the Netflow server and what are the Prerequisits eedsed to deploy and where to connect means is it should be in LAN or outside the Firewall.

What are the hardware resources required ?
What is the configuration required in Firewall or Router?
Waht is Netflow server  RAM/Harddisk size required to keep the Logs
Can we debug IPSEC traffic using Netflow serverf?
Can we monitor the Network performence using Netflow server?

Regards
ramu

0
Comment
Question by:RAMU CH
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 18

Accepted Solution

by:
jmeggers earned 500 total points
ID: 36562584
The Netflow server is a collector for information sent by the devices in the network.  I would definitely place it somewhere inside your network, although if you have a number of external sites, you may want to place it in a DMZ depending on what your WAN infrastructure looks like.  Most times I've been involved with it, there's some kind of analysis tool such as Arbor Peakflow (http://www.arbornetworks.com/arbor-peakflow-ip-traffic-flow-monitoring-system.html) that's used to help understand the information.  

The hardware resources depend on how much information will be sent by devices, but some devices (Cisco 4500) have special services cards that make Netflow data collection and forwarding more efficient.  FW, router and switch configurations are going to depend on the platform and code running but generally you're going to enable Netflow collection with an "ip flow" command and you're going to export it to the collector using a command such as "ip flow-export destination...."  See the config guides for specifics for your platforms.

I've never seen Netflow used to debug IPSec issues.  It can be used as a security tool, but that's more related to DDOS and other types of flow-based attacks.  It's really a traffic monitoring and analysis tool, charting source, destination, protocols, users, applications, peak usage times, etc.

You can find a bunch of information on Cisco's web site at http://www.cisco.com/en/US/products/ps6601/products_ios_protocol_group_home.html
0
 
LVL 1

Author Closing Comment

by:RAMU CH
ID: 36915134
Thanks
0

Featured Post

Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One of the most frustrating experiences a help desk technician will ever encounter is when a customer comes to them with a solution of their own invention and expects the tech to implement it. This often happens when people with a little bit of tech…
There's a better way to communicate time sensitive or critical info.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question