Michael Patterson : Advanced NetFlow Traffic Analysis
Michael Patterson
Founder and Product manager for Plixer's Scrutinizer NetFlow and sFlow Analyzer as well as Flow Analytics.

How To Investigate Malware

If you are looking to learn about how to investigate malware, chances are you are already infected and under the gun to...

Full Story »

Grading 2014 Predictions

 I made some bold predictions last year.  Now is the time to face the music and grade myself. 1. Last year...

Full Story »

Addressing the threat from OTT voice apps with VoLTE

By: Josee Loudiadis, Director of Network Intelligence, Alcatel-Lucent 

Voice over LTE (VoLTE) and rich communications services can help mobile service providers reclaim market share being lost to over-the-top (OTT) applications.

Voice and text revenues are declining as mobile service providers (MSPs) face an unprecedented challenge from OTT communication apps such as Facebook, Instagram, and lesser known entrants, including WhatsApp and LINE. At first, MSPs enjoyed net gains because the use of these apps had generated significant data revenue. But times have changed. While still a source of revenue, these apps have begun to erode MSP’s native voice and messaging revenue.

To illustrate, let’s look at WhatsApp, who recently debuted its business model for mobile virtual network operators. In this model, WhatsApp (now owned by Facebook) provides voice and messaging services while leasing wireless services from a mobile operator. This means that MSPs are left with price per bit as their sole differentiator.

Full Story »

UCaaS Leaders?

One more research company put out its market leader report on UCaaS (unified communications as a service or as I call...

Full Story »

A Grateful Holiday Break

Heading home to visit friends and parents. It is a good time to stop to write what I am grateful for....

Full Story »

SS7 Signaling Still Alive and Well

As operators migrate to IMS and LTE, and thus IP architectures, SS7 signaling has seemingly been left behind.  After all, Diameter...

Full Story »

AirHopper: Even Air-Gap Networks are Not Secure

It’s a good time to be in the Cybersecurity business. Quite often, highly secure computers are disconnected from the outside world so...

Full Story »

How To Investigate Malware

December 2, 2014

If you are looking to learn about how to investigate malware, chances are you are already infected and under the gun to uncover the source and clean up the mess. Here are a few things to consider before you dig in.

Riverbed NetFlow Analyzer

August 12, 2014

Last year we had a customer contact us to help them invest in the ideal Riverbed NetFlow Analyzer. After receiving a good size packet capture, I spent some time with the other engineers developing a whole bunch of new reports.

NetFlow Calculator for Supermen!

June 4, 2014

When sizing a NetFlow or IPFIX collection appliance, many consumers go looking for a NetFlow calculator.  In order to do some calculations, you'll need to have some numbers handy. For example, what volume of flows per second can all of the hardware combined generate?  This is an important question because it will likely influence the type of collector your team invests in.

A software based collector should be able to scale to well over 40,000 flows per second which is over a couple million flows per minute.  A hardware based solution should scale to well over 100,000 flows per second.  If the solution can be distributed, collection rates well into the multi millions, should be attainable.  The problem that customers need to be aware of is that flow volume is not always directly related to bandwidth consumed.



Software Defined Networks Demystified: 5 Truths

March 15, 2014

For those trying to understand what a Software Defined Network (SDN) is, this post demystifies many of the benefits promised by SDN adversaries.  To do this, I will draw out 5 areas that help you comprehend the truth about where it promises to deliver. First keep in mind that a SDN is broken into two parts: the Control and Data planes.



Cisco AVC Reporting: Flexible NetFlow Configuration

March 9, 2014

The configuration below provides details on how to configure Cisco AVC Reporting / exports in IOS EX. For those of you new to Cisco Application Visibility and Control (AVC) exports.  This configuration allows network administrators to use flow data to report on details such as URLs, latency, retransmits, packet size, TCP window size, jitter, packet loss, etc. Note also that Cisco is making the switch from NetFlow to IPFIX. Check it out:



Configuring Citrix AppFlow Support

February 3, 2014

We have included AppFlow support in our solution for years. This post tries to help with how to configure it so that you can take your AppFlow network traffic analysis to the next level.  

Note: AppFlow can be enabled only on nCore NetScaler appliances.





Palo Alto NetFlow Configuration

January 14, 2014

Today I’m covering the Palo Alto NetFlow Configuration steps.  This is a pretty straight forward two step process that is easy to complete and is supported on all Palo Alto firewalls except the PA-4000 series models.  



Been Hacked - What will you do?

December 12, 2013

Is your company a financial institution or a government agency that fears it may have been hacked?  How do you know and if you have been penetrated, what are the hackers doing?  What will you do about it?



Cisco AVC Webcast - Future Proof your Network

October 8, 2013

Last month I co-hosted a webcast with Liad Ofek, Technical Marketing Manager at Cisco on the topic of Application Visibility and Control (AVC). It was one of our most successful webcasts ever and it is now available to those who couldn’t make the event.



UserName with NetFlow or IPFIX

September 15, 2013

Ask any network administrator trying to track down the end user of a suspect traffic pattern, whether they would rather have the IP address or username and they will likely tell you ‘both’.  Several vendors are now including both in their NetFlow and IPFIX exports.



1 2 3 4 5 Next
Featured Events