Security Monitoring System
Our new security monitoring system is underway and I should have some pics and some specs on what we have installed. We have multiple security cameras attached to the security probe as well as some temperature sensors and humidity sensors.
Implementing IPFIX : NetFlow to IPFIX
Implementing IPFIX or converting from NetFlow to IPFIX really isn’t very difficult. There are a couple big reasons to do it:
- If you’re not Cisco and you want to export something unique, you take a chance on using an element ID that may not be in use by Cisco. I’ve seen 4 companies do this and later decide to convert to IPFIX. The other two companies have conflicts with Cisco.
- Variable length fields: If you want to export URLs with NetFlow (e.g. Citrix, nProbe, SonicWALL) you should use IPFIX as NetFlow makes no provisions for variable length fields.
IPFIX Consulting: Working with IPFIX Information Elements
From time to time we are contacted for NetFlow or IPFIX consulting. Our IPFIX collector team has seen it all and helping other NetFlow vendors keeps us on our toes.
One of the biggest things we encourage companies to do is to avoid NetFlow v9 for anything that isn’t EXACTLY like Cisco. If the vendor wants to export URLs or something unique that Cisco doesn’t export in NetFlow yet, we recommend using IPFIX.
Network Acceptable Use Policy: Legal Rights
The network acceptable use policy is an issue that has been discussed in just about every HR department. It’s a serious subject that must be dealt with as ignoring the issue can lead to internet abuse.
Being a NetFlow and IPFIX reporting company, we have plenty of customers addressing this issue almost on a daily basis. Some of the network acceptable use policy questions that come up include:
- What should this document contain?
- What warnings should be given out?
- Who should perform the monitoring?
- How will the traffic be monitored?
As many network administrators have learned, blocking sites often doesn’t work due to anonymous proxy sites and certain individuals (i.e. upper management) who request access to blocked sites. This blog will give you some great ideas that you can use to update your existing policy. Read more
Monitoring Video Streaming Traffic with NetFlow
Are you setting out to catch people visiting 3click.tv or hulu.com on your network? Unless you are a pro at tracking down video streaming traffic, you might want to read on about some of the obstacles you will need to overcome to properly measure or even catch this traffic.
VoIP NetFlow Monitoring Software
Are you looking for VoIP monitoring software using NetFlow? Many people wouldn’t consider a Cisco NetFlow analyzer for troubleshooting voice or video traffic; however, this is changing. Cisco, SonicWALL and nProbe are all providing details that allow for VoIP NetFlow Monitoring.
VoIP Details include:
- SSRC
- Codec
- Jitter
- Packet Loss
- Caller ID
- Details on both RTP and SIP
Below are a few screen shots of these new reports, which are based on the nProbe’s IPFIX exports. IPFIX is the proposed standard for NetFlow.
Latency Service Levels from the Cloud
Are you getting geared up to leverage the cloud from a service provider? I’m sure you have thought about reliability and backup plans. How about performance?
Will you know how well the outsourced application is performing? Will you be able to report on who in the organization is suffering from poor connection times, and are the issues consistent? Is the issue specific to a subnet or department? Is slowness a problem across all applications or only with specific cloud service?
Here is a suggestion: use NetFlow or IPFIX reporting to monitor the latency of the host to host connections for each application on your network. Yes, it can all be done with NetFlow or IPFIX. Several vendors are now exporting latency within NetFlow or IPFIX Datagrams. Cisco, Sonicwall, and the nBox are all vendor examples. Read more
Cisco Live- London with nProbe Developer Luca Deri
I went to Cisco Live Europe 2011 recently and met up with Luca Deri, the developer of the nProbe (a.k.a. NetFlow Probe). It was great to finally meet this industry icon for NetFlow and IPFIX. I just had to have my picture taken with him. Luca is on the right in the photo below:
Use the nProbe and NetFlow to Monitor Network Latency
Are you looking to monitor latency with NetFlow? The nProbe is the first product to export latency readings of flow traffic using NetFlow or, as shown below, IPFIX exports. IPFIX is the proposed standard for Cisco NetFlow.
The problem with reporting on NetFlow latency details is that most IPFIX Analyzers (NetFlow Analyzer) ignore this new information from the nProbe. Scrutinizer NetFlow Analyzer from Plixer is making use of this new export. Read more
Catch Network Traffic to Hand Helds with NetFlow Analysis
We have our Cisco wireless access point plugged into our Enterasys N series NetFlow capable switch. This allows us to look at the volume of traffic coming from the wireless devices.
The above is useful, but I wanted to narrow in on the hand held devices. Specifically, I wanted to find out how much traffic is placed on the network when a person streams a NetFlix movie to their hand held. Read more