Daily Archives: July 3, 2011

Microsoft, Tech

Diving Deeper with NetFlow Tips and Tricks

Templates, sFlow versus NetFlow, what DNS requests can tell you and other secrets from analysis experts

Readers have told me that they like blog posts with technical tips and tricks. So I asked SolarWinds to write an article about making the most out of NetFlow. The following is a guest post written by Denny LeCompte, SolarWinds VP of Product Management and Mav Turner, SolarWinds Product Manager. SolarWinds makes the popular Orion NetFlow Traffic Analyzer (NTA) that analyzes Cisco NetFlow, Juniper J-Flow, IPFIX, & sFlow data. Got more questions about NetFlow? Leave them as a comment and we’ll see if we can get them answered for you.

 

Best Microsoft MCTS Training, Microsoft MCITP Training at certkingdom.com

 

This article will provide you with some insight on how to take your NetFlow skills to the next level and provide you insight on some of the more important aspects like templates and what you can do with them. It will also explain how to dissect all of that data you are collecting and how to get on the right path if you want to go full guns a-blazin’ and create your very own NetFlow tool.

When Cisco introduced NetFlow v1 for its routers and switches, it was really onto something. By the time v5 came around, it set the stage to become a ubiquitous traffic monitoring solution, and it is a wonderful tool for collecting critical information on network traffic.

Best of all, NetFlow v5 can be enabled on most network devices, making it easy to deploy and configure across the network. And if a vendor isn’t using NetFlow, chances are they are using something similar called sFlow. So, you should have your bases covered. When deployed correctly, NetFlow provides you with a crystal ball of information that lets you know how your network’s bandwidth is being utilized.

Why would you want to analyze Netflow and, more importantly, why would you want to dive deeper? Well, if you are experiencing a network slowdown, it could be a symptom of something more serious, like bandwidth hogs using YOUR network to torrent movies or host large personal files that are shared out to the world. You could be experiencing network configuration problems, security breaches/attack, or a botnet … oh my!