[c-nsp] looking for a netflow analyzer
christian.macnevin at uk.bnpparibas.com
christian.macnevin at uk.bnpparibas.com
Wed Oct 4 10:54:32 EDT 2006
If you're after a commercial version, I've been looking at Crannog and am
pretty impressed. They also
take feeds from Packeteers if you're using those (don't have them, so not
sure if I'm just telling you they support
Netflow, heh)
Internet
nick.nauwelaerts at thomson.com
Sent by: cisco-nsp-bounces at puck.nether.net
04/10/2006 15:31
To
cisco-nsp
cc
Subject
[c-nsp] looking for a netflow analyzer
Hello,
We're looking for a somewhat easy to use netflow analyzer. The issue
we're trying to solve it that we have a lot of vpn connections which
include a lot of subnets (some /16's and a lot of /24's) and since
they're vpns we have limited visibility of what goes through them. So,
on the last hop before the vpn tunnel broker we're doing a netflow
export so we can get an idea of what's moving through it.
Now we need an easy to use frontend for this data, preferably something
web based. We've tried flowtools with various web addons, but those
didn't cut it. We tried ntop, it also didn't do what we are looking for.
We also used plixer scrutinizer, who's custom reports were what we were
looking for - regretfully those were limited to only 256 hosts which
doesn't even come close to a /16.
Does anyone have any recommendations or other ways to solve this
problem? We just need a netflow analyzer which allow us to set up groups
of hosts and have a semi realtime idea of what traffic they are
producing. Placing a packeteer box in between the vpn tunnel broker &
router might prove a bit expensive if it's just for visibility.
Thanks.
// nick
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
This message and any attachments (the "message") is
intended solely for the addressees and is confidential.
If you receive this message in error, please delete it and
immediately notify the sender. Any use not in accord with
its purpose, any dissemination or disclosure, either whole
or partial, is prohibited except formal approval. The internet
can not guarantee the integrity of this message.
BNP PARIBAS (and its subsidiaries) shall (will) not
therefore be liable for the message if modified.
**********************************************************************************************
BNP Paribas Private Bank London Branch is authorised
by CECEI & AMF and is regulated by the Financial Services
Authority for the conduct of its investment business in
the United Kingdom.
BNP Paribas Securities Services London Branch is authorised
by CECEI & AMF and is regulated by the Financial Services
Authority for the conduct of its investment business in
the United Kingdom.
BNP Paribas Fund Services UK Limited is authorised and
regulated by the Financial Services Authority
More information about the cisco-nsp
mailing list