Netflow Con Flow
Netflow Con Flow
Netflow Con Flow
■ Realizar perfiles de trafico de red, de manera de determinar que traficos son los que
consumen mayor ancho de banda, o aquellos que producen cuellos de botella
■ Ser utilizado por soluciones IDS e IPS, determinando trafico que pueda ser considerado
malicioso, o potencialmente dañino, y tomar alguna acción si la solución lo permite.
■ Análisis forense o auditoria.
■ Especialmente útil cuando se desea realizar análisis de causa raíz de un problema, o
auditar el trafico de una maquina virtual luego de un ataque.
NetFlow facilitates solutions to many common
problems encountered by IT professionals like
■ Analyze new applications and their network impact:
Identify new application network loads such as VoIP or remote site additions.
■ Reduction in peak WAN traffic:
Use NetFlow statistics to measure WAN traffic improvement from application-policy changes;
understand who is utilizing the network and the network top talkers.
■ Troubleshooting and understanding network pain points
Diagnose slow network performance, bandwidth hogs and bandwidth utilization quickly
with command line interface or reporting tools.
■ Detection of unauthorized WAN traffic
Avoid costly upgrades by identifying the applications causing congestion.
■ Security and anomaly detection
NetFlow can be used for anomaly detection and worm diagnosis along with applications such as
Cisco CS-Mars.
■ Validation of QoS parameters
Confirm that appropriate bandwidth has been allocated to each Class of Service (CoS) and that no
CoS is over- or under-subscribed.
NETFLOW ADVANTAGES
NetFlow information ensures that resources are used adequately in
support of organizational goals. Moreover, it facilitates solutions to
many common network issues including the following ones
■ Network security vulnerabilities and anomaly detection
■ Troubleshooting and understanding network pain points
■ Analyze new applications and their network impact
■ Detection of unauthorized WAN traffic
■ Validation of QoS parameters
■ Reduction in peak WAN traffic
■ Long term compliance issues
■ Network productivity
■ Utilization of network resources
■ The impact of changes to the network.
Netflow en switches Cisco Nexus de la serie 7000
Switch(config)#sampler NF-Sampler-1
Switch(config-flow-sampler)#description Sampler-for-Int-Eth-2/1
Switch(config-flow-sampler)#mode 1 out-of 1000!--- Applying a NetFlow Sampler to an Interface:
Switch(config)#interface Ethernet2/1
Switch(config-if)#ip flow monitor NF-Mntr-1 input sampler NF-Sampler-1