?
Solved

netflow on ASA 5500 series

Posted on 2015-01-21
2
Medium Priority
?
106 Views
Last Modified: 2015-03-01
I have never configured netflow on the ASA and after my research, I see that you can configure netflow or NSEL. Are those the same thing? Is there any performance issue when implementing Netflow on the ASA? Any tips? Thanks
0
Comment
Question by:leblanc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 5

Accepted Solution

by:
Joey Yung earned 2000 total points
ID: 40563790
The following link provided a good reference of NSEL:

https://www.plixer.com/blog/netflow/what-is-nsel-a-deeper-look-part-1/

BTW, I never try to enable netflow which is below ASA552x model.
0
 
LVL 16

Expert Comment

by:Michael Ortega
ID: 40638438
Here's a good sample config. I'm assuming you're sending the Flow data to a host outside your organization and that the name of your outside interface is "outside".

snmp-server host outside 1.1.1.1 community SNMPNAME version 2c
snmp-server location LOCATION-NAME
snmp-server enable traps all
!
flow-export destination outside 1.1.1.1 2055
flow-export template timeout-rate 1
flow-export delay flow-create 60
!
access-list netflow-export extended permit ip any any
!
class-map netflow-export-class
 match access-list netflow-export
!
policy-map global_policy
 class inspection_default
   inspect snmp
 class netflow-export-class
  flow-export event-type all destination 1.1.1.1
0

Featured Post

Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
Suggested Courses
Course of the Month9 days, 18 hours left to enroll

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question