Scribd
Upload
87 views11 pages

Netflow Con Flow

Netflow allows network administrators to analyze network traffic and troubleshoot issues. It can be used to monitor network security, detect unauthorized traffic, analyze new application impacts, validate quality of service settings, and reduce peak bandwidth usage. Netflow configured on Cisco Nexus switches involves creating flow records to match on specific traffic fields, exporting records to collectors, applying monitors with records and exporters to interfaces, and adjusting flow timeouts and sampling as needed.

Uploaded by

Angel Mendoza Loredo
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
87 views11 pages

Netflow Con Flow

Netflow allows network administrators to analyze network traffic and troubleshoot issues. It can be used to monitor network security, detect unauthorized traffic, analyze new application impacts, validate quality of service settings, and reduce peak bandwidth usage. Netflow configured on Cisco Nexus switches involves creating flow records to match on specific traffic fields, exporting records to collectors, applying monitors with records and exporters to interfaces, and adjusting flow timeouts and sampling as needed.

Uploaded by

Angel Mendoza Loredo
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 11

Usos

■ Realizar perfiles de trafico de red, de manera de determinar que traficos son los que
consumen mayor ancho de banda, o aquellos que producen cuellos de botella
■ Ser utilizado por soluciones IDS e IPS, determinando trafico que pueda ser considerado
malicioso, o potencialmente dañino, y tomar alguna acción si la solución lo permite.
■ Análisis forense o auditoria.
■ Especialmente útil cuando se desea realizar análisis de causa raíz de un problema, o
auditar el trafico de una maquina virtual luego de un ataque.
NetFlow facilitates solutions to many common
problems encountered by IT professionals like
■ Analyze new applications and their network impact:
Identify new application network loads such as VoIP or remote site additions.
■ Reduction in peak WAN traffic:
Use NetFlow statistics to measure WAN traffic improvement from application-policy changes;
understand who is utilizing the network and the network top talkers.
■ Troubleshooting and understanding network pain points
Diagnose slow network performance, bandwidth hogs and bandwidth utilization quickly
with command line interface or reporting tools.
■ Detection of unauthorized WAN traffic
Avoid costly upgrades by identifying the applications causing congestion.
■ Security and anomaly detection
NetFlow can be used for anomaly detection and worm diagnosis along with applications such as
Cisco CS-Mars.
■ Validation of QoS parameters
Confirm that appropriate bandwidth has been allocated to each Class of Service (CoS) and that no
CoS is over- or under-subscribed.
NETFLOW ADVANTAGES
NetFlow information ensures that resources are used adequately in
support of organizational goals. Moreover, it facilitates solutions to
many common network issues including the following ones
■ Network security vulnerabilities and anomaly detection
■ Troubleshooting and understanding network pain points
■ Analyze new applications and their network impact
■ Detection of unauthorized WAN traffic
■ Validation of QoS parameters
■ Reduction in peak WAN traffic
■ Long term compliance issues
■ Network productivity
■ Utilization of network resources
■ The impact of changes to the network.
Netflow en switches Cisco Nexus de la serie 7000

■ Expediente del flujo del Netflow

Switch(Config)#flow record Netflow-Record-1


switch(config-flow-record)#description Custom-Flow-Record
switch(config-flow-record)#match ipv4 source address
switch(config-flow-record)#match ipv4 destination adress
switch(config-flow-record)#match transport destination-port
switch(config-flow-record)#collect counter bytes
switch(config-flow-record)#collect counter packets
Exportación del flujo del Netflow

Switch(Config)#flow exporter Netflow-Exporter-1


Switch(Config-flow-exporter)#description Production-Netflow-Exporter
Switch(Config-flow-exporter)#destination 192.168.11.2
Switch(Config-flow-exporter)#source Ethernet2/2
Switch(Config-flow-exporter)#version 9
Monitor del Netflow con un expediente
de encargo

Switch(config)#flow monitor Netflow-Monitor-1


Switch(config-flow-monitor)#description Applied Inbound-Eth-2/1
Switch(config-flow-monitor)#record Netflow-Record-1
Switch(config-flow-monitor)#exporter Netflow-Exporter-1
Monitor del Netflow con un expediente
original
Switch(config)#flow monitor Netflow-Monitor-2
Switch(config-Netflow-Monitor)#description Use Predefined ?Original-Netflow-
Record?
Switch(config-Netflow-Monitor)#record netflow-original
Switch(config-Netflow-Monitor)#exporter Netflow-Exporter-1
Ajuste del temporizador del Netflow

Switch(config)#flow timeout active 120


Switch(config)#flow timeout inactive 32
Switch(config)#flow timeout fast 32 threshold 100
Switch(config)#flow timeout sesión
Switch(config)#flow timeout aggressive threshold 75
Configuración del dechado del Netflow

Switch(config)#sampler NF-Sampler-1
Switch(config-flow-sampler)#description Sampler-for-Int-Eth-2/1
Switch(config-flow-sampler)#mode 1 out-of 1000!--- Applying a NetFlow Sampler to an Interface:
Switch(config)#interface Ethernet2/1
Switch(config-if)#ip flow monitor NF-Mntr-1 input sampler NF-Sampler-1

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy