5 comments:

  1. My apologies for the tangent I'm about to go down regarding NetFlow on an 1800 series. I've noticed IP_Audit Trail spikes CPU usage on the router and am wondering if switching to NetFlow will help to alleviate this issue while still providing quality reporting from the IOS firewall. Any help here would be greatly appreciated.

  2. In my understanding, NetFlow is more an accounting than an acceleration feature these days, but I could be completely wrong. If I'm not too far off, NetFlow will not improve your firewall performance but increase the overall CPU utilization as the router has one extra step to do while forwarding the packets.

    You could, however, use NetFlow to figure out the top flows that cause the high CPU utilization. I would also log incoming ACL failures to see whether you're under a DoS attack.

  3. NetFlow is turning out to be more of a traffic accounting and analysis technology. Quite a lot of people depend on NetFlow data for in-depth traffic analysis, and it also helps in finding security violations, DoS attacks and also capacity planning, provided you have a good flow analyzer tool. You could try NetFlow Analyzer from ManageEngine. Nice and low cost with good features.

  4. I am wondering if it is possible to log every connection that has passed through the router for security reasons? In my particular case, I am looking for a solution that could provide the last 30 days of all connections which have passed through the router.

  5. ASA or SCE should be able to do it.
