Solved

netflow on ASA 5500 series

Posted on 2015-01-21
2
103 Views
Last Modified: 2015-03-01
I have never configured netflow on the ASA and after my research, I see that you can configure netflow or NSEL. Are those the same thing? Is there any performance issue when implementing Netflow on the ASA? Any tips? Thanks
0
Comment
Question by:leblanc
2 Comments
 
LVL 4

Accepted Solution

by:
Joey Yung earned 500 total points
ID: 40563790
The following link provided a good reference of NSEL:

https://www.plixer.com/blog/netflow/what-is-nsel-a-deeper-look-part-1/

BTW, I never try to enable netflow which is below ASA552x model.
0
 
LVL 16
ID: 40638438
Here's a good sample config. I'm assuming you're sending the Flow data to a host outside your organization and that the name of your outside interface is "outside".

snmp-server host outside 1.1.1.1 community SNMPNAME version 2c
snmp-server location LOCATION-NAME
snmp-server enable traps all
!
flow-export destination outside 1.1.1.1 2055
flow-export template timeout-rate 1
flow-export delay flow-create 60
!
access-list netflow-export extended permit ip any any
!
class-map netflow-export-class
 match access-list netflow-export
!
policy-map global_policy
 class inspection_default
   inspect snmp
 class netflow-export-class
  flow-export event-type all destination 1.1.1.1
0

Featured Post

Watch Anatomy of a Wi-Fi Hack On-Demand

In less than a weekend, anyone with Internet access and some free time can become a Wi-Fi MitM to wreak havoc on your network. View our Wi-Fi Expert in an on-demand episode of our Secure Wi-Fi mini-series as he explores the motives, execution, and anatomy of a Wi-Fi hack.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In this article we have discussed the manual scenarios to recover data from Windows 10 through some backup and recovery tools which are offered by it.
A clone is a duplicate copy. Sheep have been cloned and maybe someday even people will be cloned, but disk cloning (performed by the hard drive cloning software) is a vital tool used to manage and protect data. Let’s look at what hard drive cloning …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

680 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question