Michael Patterson : Advanced NetFlow Traffic Analysis
Michael Patterson
Founder and Product manager for Plixer's Scrutinizer NetFlow and sFlow Analyzer as well as Flow Analytics.

January 2012

You are browsing the archive for January 2012.
dropped Flows Specific

Dropped NetFlow : Flow Sequence Numbers

January 29, 2012

Dropped NetFlow detection should be a major part of the decision making process in your next enterprise NetFlow collector. High volume Netflow collection and reporting without regard to the NetFlow Sequence Numbers should send up red flags to an educated consumer in the market for a reliable NetFlow and IPFIX collector. Here’s why: It is a safe bet that companies serious about network traffic analysis or network traffic monitoring want to know if they are looking at all the data. In many cases they may not be. How would they know?



Tagged: , , , , , : Related Tags: , , , , ,
No Comments
email Reporting

Email Monitoring Software: Email Reporting

January 20, 2012

Email monitoring and email reporting is an important proactive responsibility that is not addressed in some companies. Who are the top email senders and receivers. What are the top domains sending or receiving emails? What are the top email subjects and who is involved with these emails. These types of reports allow you to investigate email issues such as repeated bounce backs and even virus trails.



Posted in email monitoring, email reporting
Tagged: , , , , , , : Related Tags: , , , , ,
No Comments
netFlowNetworkBehaviorAnalysis.png

NetFlow Behavior Analysis Systems : Limited Impact

January 13, 2012

NetFlow Network Behavior Analysis (NBA) systems have limited impact on detecting threats. They are only suitable as a second or perhaps third layer of threat detection. Some companies offering NetFlow Threat Detection tools would have you believe otherwise. Don't fall for it. "Gartner says NBA is suitable as a complementary technology to intrusion detection and prevention software, which is effective for addressing network attacks that can be positively identified." As a HUGE NetFlow and IPFIX supporter, I tend to agree that flow technologies can augment security practices, but can't replace them.

Posted in NetFlow Threat Detection, Network Behavior Analysis, internal threat detection, ip host reputation, ipfix, netflow reporting
Tagged: , , , , , , : Related Tags: , , , , ,
No Comments
High Volume NetFlow

High Volume NetFlow Collector : Enterprise Traffic Analysis

January 3, 2012

A high volume NetFlow collector is a must for many service providers and universities. Because of the nature of the type of Internet traffic created by these types of organizations, enormous amounts of flows are created. People visiting internet search sites such as Google or those of us clicking on all the different links in facebook or youtube often end up creating a new flow with each click.

Posted in distributed netflow, enterprise netflow analysis, fast netflow, high speed netflow, high volume netflow, ipfix collector, scaling netflow
Tagged: , , , , : Related Tags: , , , , ,
No Comments

Advanced persistent threats akcp reseller amazon ec2 monitoring analyze logs appflow reporting appflow support Application performance monitoring Application Visibility Asymmetric flow path best free netflow collector best NetFlow reporting solution best network management BitTorrent book on NetFlow and IPFIX Building a NetFlow Cache BYOD Security BYOD security BYOD strategy Cisco application visibility and control Cisco ASA NetFlow cisco asa nsel Cisco ASA Vs. Juniper SRX Cisco AVC IPFIX Cisco AVC Reporting cisco media trace distributed NetFlow solutions Flexible NetFlow flexible netflow flow analytics Incident response system ip host reputation NetFlow Netflow analyzer Netflow reporting Network monitoring network monitoring network traffic analysis network traffic monitoring Security Analytics udp forwarder

Featured Events