Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | |||
|
design:netflow [2009/02/16 23:08] Ueli Heuer |
design:netflow [2011/05/07 20:48] (current) Ueli Heuer |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| + | ====== Netflow ====== | ||
| + | ===== URLs ===== | ||
| + | |||
| + | Basics: | ||
| + | * [[http://www.cisco.com/go/netflow|netflow]] | ||
| + | * [[http://www.cisco.com/en/US/technologies/tk648/tk362/technologies_white_paper09186a00800a3db9.html|netflow v9]] {{:design:netflow_v9.pdf|netflow_v9}} | ||
| + | |||
| + | Tools: | ||
| + | * [[http://www.cisco.com/en/US/prod/iosswrel/ps6537/ps6555/ps6601/networking_solutions_products_genericcontent0900aecd805ff72b.html|Freeware NetFlow Software]] | ||
| + | * [[http://nfsen.sourceforge.net/|nfsen]] | ||
| + | |||
| + | |||
| + | ===== Targets ===== | ||
| + | |||
| + | Possible targets to implement: | ||
| + | |||
| + | * next AS, For accounting of public peering points (as TIX, SwissIX) where macaccount won't work (Hrdware switched plattforms as Cisco 76xx) | ||
| + | * per Destination-/Source-IP-Address for aoounting per Destination-/Soucce-IP-Address (multiple Hosts behind a transparent / NAT-Firewall) | ||
| + | * per Port for Traffic monitoring (Protocol: ipv4,ipv6,icmp,udp,tcp,ipsec, ...) (Port: ssh,telnet,ftp, mail,http[s],domain,...) | ||
| + | |||
| + | {{tag>design monitor netflow}} | ||
