Educause Security Discussion mailing list archives

Re: Netflow Analysis Software

From: Jason Chambers <jchambers () UCLA EDU>
Date: Mon, 9 May 2011 09:30:18 -0700

On 5/4/11 10:52 AM, Justin Azoff wrote:


I've been looking at v10/IPFIX which apparently supports other fields
like HTTP_URL.

This blog post mentions one of the example use cases:

    http://www.plixer.com/blog/scrutinizer/monitor-netflix-traffic-using-netflow-reporting/

but there doesn't seem to be as many open tools for working with this
data yet.

Is anyone actively using IPFIX now?


Yes, albeit a limited form.  As I understand it a lot of open source
tools rely on libfixbuf which is still under development to fully
support templates.  In the meanwhile hack solutions fit the bill
(generate that data on sensors and store independent of flow repository)

Regards,

--Jason

Current thread:

Netflow Analysis Software Miller,James R (May 04)
- Re: Netflow Analysis Software Kevin Wilcox (May 04)
  - Re: Netflow Analysis Software Miller,James R (May 04)
    - Re: Netflow Analysis Software Dr. Wole Akpose (May 04)
    - Re: Netflow Analysis Software Miller,James R (May 04)
  - Re: Netflow Analysis Software Bradley, Stephen W. Mr. (May 04)
  - Re: Netflow Analysis Software Justin Azoff (May 04)
    - Re: Netflow Analysis Software Jason Chambers (May 09)
- Re: Netflow Analysis Software Mike Iglesias (May 04)
  - Re: Netflow Analysis Software Joel Rosenblatt (May 04)
  - Re: Netflow Analysis Software win-hied () bradjudy com (May 04)
    - Re: Netflow Analysis Software Troy S. Jordan (May 04)
    - Re: Netflow Analysis Software Avdagic, Indir (May 04)
    - Re: Netflow Analysis Software Michael Jewett (May 04)
    - Re: Netflow Analysis Software Drews, Adam (May 04)
- Re: Netflow Analysis Software Greene, Chip (May 04)
- <Possible follow-ups>
- Re: Netflow Analysis Software Bob Doyle (May 05)