Re: netflow

["Avdagic, Indir" <indir_avdagic () WSU EDU>]

We implemented the Webview Netflow Reporter.  Webview Netflow Reporter
is an enterprise-focused Netflow reporter/analyzer tool featuring
clickable graphs, great categorization that goes beyond simple TCP/UDP
port names, automatic exporter discovery, and full access to all aspects
of the raw flow data (interface names, millisecond accuracy, TCP flags,
QoS settings,  etc).

 

More info at:

 

http://wvnetflow.sourceforge.net/

 

 

Regards,

 

____________________________________________  
Indir Avdagic, CISSP, ACSA, TICSA

Network Security Engineer

Washington State University  

indir_avdagic () wsu edu

Phone: (509) 335-3279
http://infotech.wsu.edu/security/  

 

          

 

 

 

 

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Youngquist, Jason
R.
Sent: Tuesday, March 31, 2009 8:50 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] netflow

 

I was wondering if anyone uses any free/Open Source netflow products to
capture netflow information.  We currently have a commercial product
which captures netflows and has Network Behavioral Anomaly Detection
(NBAD) capability, but I'm looking at alternatives.  We are already
using MRTG (and Cacti) to get bandwidth information, so I'm looking for
netflow tools that have the capability to dig deeper into the flow data,
ie. to zoom into a traffic spike and determine the "top talker(s)" for
the particular time period, the port, destination IP, etc.

 

Please email me directly if you use a neflow application (Open Source or
commercial) which has good analysis capability.

 

 

 

Thanks.

Jason Youngquist

jryoungquist () ccis edu