Michael Patterson : Advanced NetFlow Traffic Analysis
Michael Patterson
Founder and Product manager for Plixer's Scrutinizer NetFlow and sFlow Analyzer as well as Flow Analytics.

Netflow reporting

Enterprise NetFlow Suggestions

February 20, 2018

In searching for the next flow collection system that will support your organization, most results will turn up solutions claiming to support the consumption of millions of flows/second. For the most part, I think there is some truth to these claims but, when the system is trialed, the limitations become obvious. 

Enterprise NetFlow Collections

It’s one thing to collect high volume NetFlow and quite another to report on it and that’s really where the rub lies.  The amount of engineering necessary to collect millions of flows per second and write them to some type of backend really isn’t all that hard for a seasoned developer. 

Best Free NetFlow Collector

November 7, 2017

I thought it was high time for me to write a post on how to go about selecting the best free NetFlow collector for your environment.  Before you make a decision, it is important to list out the features your team is going to need from the solutions you evaluate. Some of the features and functions might seem very obvious but, I’m sure I can list just a few that you may not have realized. 

  1. Easy to use interface: this doesn’t just mean an intuitive interface. 

IPFIX Flow Direction and Packet Counters

July 8, 2015

In the world of NetFlow and IPFIX, flow direction is a topic that can confuse some of the best technical minds. It is an important concept in relation to routers because where information (e.g. byte counters) is gathered can have a significant impact on perceived accuracy.  This is sort of 3 part blog.  Although it isn't totally necessary, it might help the reader to understand a different type of flow directionality first as posted in my other blog. 

Palo Alto NetFlow Configuration

January 14, 2014

Today I’m covering the Palo Alto NetFlow Configuration steps.  This is a pretty straight forward two step process that is easy to complete and is supported on all Palo Alto firewalls except the PA-4000 series models.  



Been Hacked - What will you do?

December 12, 2013

Is your company a financial institution or a government agency that fears it may have been hacked?  How do you know and if you have been penetrated, what are the hackers doing?  What will you do about it?



Palo Alto Networks NetFlow Export includes Firewall Event Field in PAN-OS 5.0

November 25, 2012

Palo Alto Networks is showing further commitment to NetFlow Reporting by including a Firewall Event element in PAN-OS 5.0.  This new field will provide a few new advantages to Firewall Administrators.  These improvements to their NetFlow export can be seen in multiple ways:

Featured Events