Recent advancements in network monitoring have given IT teams the tools necessary to mitigate many of the conditions and security threats that are facing today's enterprises. These technologies include firewalls, intrusion detections systems and NetFlow, a traffic profile monitoring technology that can help provide complete visibility over a network.
NetFlow reporting tools – such as Plixer's Scrutinizer NetFlow & sFlow Analyzer – can enable enterprises to see not only how much traffic is moving across their networks, but also what that traffic is and what it is doing.
Solutions like the Scrutinizer can capture Cisco (News - Alert) NetFlow, sFlow and other flow technologies, and then crunch that data to assess the overall health of a network. Using flow packets, NetFlow analyzers can unearth information on source IP addresses, destination IP addresses, source port numbers, destination port numbers, protocol types, types of services and the router input interfaces.
The unique level of visibility gained from NetFlow reporting tools can help detect a number of today's most destructive network infrastructure security threats, including DDoS attacks, worms and port scans. In addition, NetFlow monitoring solutions can identify misuse by reporting on which hosts, applications and protocols are consuming network bandwidth.
NetFlow technology, developed in 1996 by Cisco Systems' (News - Alert) Darren Kerr and Barry Bruins, has evolved over the years to enable even more robust network monitoring solutions. Reporting tools from vendors like Plixer are now capable of real-time network monitoring; application and user profiling; as well as network and capacity planning.
Next-gen capture solutions also provide security incident detection and classification; accounting and billing support; troubleshooting; and network data warehousing, forensics, and data mining.
The Future of NetFlow
The prevalence of NetFlow analyzers in the enterprise space has increased significantly in recent years as many switch makers have embraced the technology, including Cisco, HP, Enterasys and Juniper, among others.
NetFlow technologies have also found a home among next-generation firewall providers like SonicWALL (News - Alert), which recently collaborated with Plixer on a firewall with NetFlow and IPFIX support.
The Scrutinizer v8.5, released with beta support for SonicWALL IPFIX, resulted in an "architecture that is absolutely first rate for advanced traffic reporting," Scrutinizer Product Manager Michael Patterson noted in a recent blog post.
Exporting data from firewalls using NetFlow has become a highly advantageous practice for network managers. As the initial point of entry for most connections, firewalls can tell an interesting story when supported by NetFlow analyzers. These solutions can help identify, analyze and mitigate network security attacks before they become harmful.
For more information on NetFlow analyzers, check out Plixer's suite of solutions for both enterprises and service providers. The company also offers a solution called Flow Analytics, which supplements Scrutinizer by adding historical reporting, advanced alarming and in-depth traffic analysis.
Edited by Rich Steeves