6 messages in net.nether.puck.cisco-nsp[c-nsp] NETFLOW or Alternatives??
FromSent OnAttachments
Vandy HamidiJan 3, 2005 9:12 pm 
Roland DobbinsJan 3, 2005 9:21 pm 
Olav LangelandJan 4, 2005 3:44 am 
RH ListsJan 6, 2005 9:56 am 
Earls, MichaelJan 6, 2005 10:34 am 
Chris MooreJan 6, 2005 10:46 am 
Actions with this message:
Paste this link in email or IM:
Paste this link in email or IM:
Atom feed for this thread
Paste this URL into your reader:
Subject:[c-nsp] NETFLOW or Alternatives??Actions...
From:Roland Dobbins (rdob@cisco.com)
Date:Jan 3, 2005 9:21:49 pm
List:net.nether.puck.cisco-nsp

Actually, there are a number of open-source tools which you can use to get started on Linux or FreeBSD or what-have-you - see Robert Galloway's excellent NetFlow HOW-TO:

http://www.linuxgeek.org/netflow-howto.php

and take a look at Stager:

http://stager.uninett.no/

On Jan 3, 2005, at 6:13 PM, Vandy Hamidi wrote:

All, I'm looking for a way to determine the type of traffic and the amounts of each Flow (SIP, DIP, Sport, DPort).

When my internet traffic or WAN traffic hits 99%, I want to be able to identify the cause. Right now, it's a total uneducated guess.

Requirements: 1) Identify traffic flows 2) Flow Kbps 3) Preferably use a Windows Server for collection and reporting 4) Prefer Trending 5) Easy ramp up (trying to avoid needing to learn a whole no discipline)

I'm not very familiar with NetFlow, but it looks like it needs a Solaris Data Collector.

Equipment will range from 6500, 4500, 3745, 7206, etc. Thanks in advance,

-=Vandy=-

_______________________________________________ cisco-nsp mailing list cisc@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/

--------------------------------------------------------- Roland Dobbins <rdob@cisco.com> // 408.527.6376 voice

Suspicion breeds confidence.