Educause Security Discussion mailing list archives
Re: netflow
From: "Avdagic, Indir" <indir_avdagic () WSU EDU>
Date: Tue, 31 Mar 2009 09:47:23 -0700
We implemented the Webview Netflow Reporter. Webview Netflow Reporter is an enterprise-focused Netflow reporter/analyzer tool featuring clickable graphs, great categorization that goes beyond simple TCP/UDP port names, automatic exporter discovery, and full access to all aspects of the raw flow data (interface names, millisecond accuracy, TCP flags, QoS settings, etc). More info at: http://wvnetflow.sourceforge.net/ Regards, ____________________________________________ Indir Avdagic, CISSP, ACSA, TICSA Network Security Engineer Washington State University indir_avdagic () wsu edu Phone: (509) 335-3279 http://infotech.wsu.edu/security/ From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Youngquist, Jason R. Sent: Tuesday, March 31, 2009 8:50 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] netflow I was wondering if anyone uses any free/Open Source netflow products to capture netflow information. We currently have a commercial product which captures netflows and has Network Behavioral Anomaly Detection (NBAD) capability, but I'm looking at alternatives. We are already using MRTG (and Cacti) to get bandwidth information, so I'm looking for netflow tools that have the capability to dig deeper into the flow data, ie. to zoom into a traffic spike and determine the "top talker(s)" for the particular time period, the port, destination IP, etc. Please email me directly if you use a neflow application (Open Source or commercial) which has good analysis capability. Thanks. Jason Youngquist jryoungquist () ccis edu
Current thread:
- netflow Youngquist, Jason R. (Mar 31)
- <Possible follow-ups>
- Re: netflow Peter Charbonneau (Mar 31)
- Re: netflow Truong, Joseph (Mar 31)
- Re: netflow Joel Rosenblatt (Mar 31)
- Re: netflow Avdagic, Indir (Mar 31)
- Re: netflow Jason Frisvold (Mar 31)