[c-nsp] netflow tools
Nairolf Relsserp
airflow.2010 at gmail.com
Tue Sep 21 16:25:27 EDT 2010
On Mon, Sep 20, 2010 at 1:01 AM, Sharlon R. Carty <me at sharloncarty.net> wrote:
> Anyone know of any netflow collector tools that can filter the data based on
> ASN? The majority tools I have tried filter based on IP address, IP group,
> domain name etc.
I recommend IsarFlow: http://isarflow.com/
This product is capable of a broad but meaningful variety of
netflow-driven analysis.
Two of the analysis also take the AS-numbers into account:
* analysis considering the source and destination AS of the flows:
This analysis is useful to find out which AS you communicate with
mostly (based on flows or transmitted bytes). For example, if you find
out that you communicate a lot with an AS you are not peering with
directly, this information might help to decide which AS to peer with
next (if possible)! :) It might be also a good base of information to
generally build your BGP routing-policy upon.
* analysis considering the peering-AS: If you have several AS you peer
with directly, this helps you to find out how your traffic distributes
to those. This may be helpful to check if your BGP routing-policy is
working as desired.
Feel free to contact me if you need more information about this solution.
Kind Regards,
Florian Pressler
--
DI(FH) Florian Pressler | Senior Systems Engineer | Security
CCIE #21049
phone: +43-1-23060-3280 | mobile: +43-664-88445030 | e-fax:
+43-1-23060-3289
email: fp at ong.at | skype: fpressler |
http://www.xing.com/profile/Florian_Pressler
Open Networks GmbH | Mooslackengasse 17 | 1190 Wien |
http://www.opennetworks.at/
More information about the cisco-nsp
mailing list