Re: Netflow Analysis Software

["Miller,James R" <millerj () UAKRON EDU>]

Kevin,
Thanks for your reply. We currently have a network spanning a little over 80 buildings with little insight on the 
network traffic. We are probably looking at wanting to monitor around 5000 ports and are currently using the Cisco MARS 
appliance they purchased over 3 years ago which was pretty much a waste of money. It does some minimal netflow 
collection and does not produce much in the way of reporting. A GUI would be very helpful for our engineers in an 
overview of the current network status.
Thanks,
Jim

Jim Miller
CISSP,CCSP
Lead Network Engineer
The University of Akron
(330) 972-7958
millerj () uakron edu



-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Kevin 
Wilcox
Sent: Wednesday, May 04, 2011 10:40 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Netflow Analysis Software

On Wed, May 4, 2011 at 10:24 AM, Miller,James R <millerj () uakron edu> wrote:

> We are looking at adding Netflow analysis to our networking toolkit. Has anyone had good or bad success with any 
> particular vendors? Right now we are looking at Solar Winds and Fluke. Any comments or suggestions would be greatly 
> appreciated.

What are you looking to accomplish? Flow data is, at its heart,
extremely simple - two IPs, two ports, two timestamps, some flags and
some counters. Is there something you want to do that you can't script
in-house or use something like ipAudit or Argus + rrdtool as a
starting point?

kmw

--
Kevin Wilcox GPEN, GCIH
Network Infrastructure and Control Systems
Appalachian State University
Email: wilcoxkm () appstate edu
Office: 828.262.6259