Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

NETFLOW requirements

Posted on 2011-09-19
2
310 Views
Last Modified: 2012-05-12
Hi,

we are planning to install a Netflow server but i dont have any knowledge about Netflow.
What is the basic pupose of the Netflow server and what are the Prerequisits eedsed to deploy and where to connect means is it should be in LAN or outside the Firewall.

What are the hardware resources required ?
What is the configuration required in Firewall or Router?
Waht is Netflow server  RAM/Harddisk size required to keep the Logs
Can we debug IPSEC traffic using Netflow serverf?
Can we monitor the Network performence using Netflow server?

Regards
ramu

0
Comment
Question by:RAMU CH
2 Comments
 
LVL 18

Accepted Solution

by:
jmeggers earned 500 total points
ID: 36562584
The Netflow server is a collector for information sent by the devices in the network.  I would definitely place it somewhere inside your network, although if you have a number of external sites, you may want to place it in a DMZ depending on what your WAN infrastructure looks like.  Most times I've been involved with it, there's some kind of analysis tool such as Arbor Peakflow (http://www.arbornetworks.com/arbor-peakflow-ip-traffic-flow-monitoring-system.html) that's used to help understand the information.  

The hardware resources depend on how much information will be sent by devices, but some devices (Cisco 4500) have special services cards that make Netflow data collection and forwarding more efficient.  FW, router and switch configurations are going to depend on the platform and code running but generally you're going to enable Netflow collection with an "ip flow" command and you're going to export it to the collector using a command such as "ip flow-export destination...."  See the config guides for specifics for your platforms.

I've never seen Netflow used to debug IPSec issues.  It can be used as a security tool, but that's more related to DDOS and other types of flow-based attacks.  It's really a traffic monitoring and analysis tool, charting source, destination, protocols, users, applications, peak usage times, etc.

You can find a bunch of information on Cisco's web site at http://www.cisco.com/en/US/products/ps6601/products_ios_protocol_group_home.html
0
 
LVL 1

Author Closing Comment

by:RAMU CH
ID: 36915134
Thanks
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Both MMF (multi-mode fiber) and SMF (single-mode fiber) are types of optical fiber that can aid in communication applications. These thin strands of silica or glass will allow communication to occur between devices. The transmission of light between…
Are client relationship the only driver of a successful MSP? While important, client relationships are only one component. Learn how else MSPs can broaden their horizon and differentiate themselves.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question