Netflow Optimizer™

Netflow Optimizer™

NetFlow Optimizer™ User Guide Version 2.4.8 (Build 2.4.8.0.2) February 2017 © Copyright 2012-2017 NetFlow Logic Corporation. All rights reserved. Patents both issued and pending. Contents About this Guide .......................................................................................................................................................... 3 How NetFlow Optimizer Works .................................................................................................................................. 3 What Are Modules and Converters? .......................................................................................................................... 3 How External Data Feeder for NFO Works ................................................................................................................ 5 How to Use this Guide ............................................................................................................................................... 5 Solutions at a Glance ................................................................................................................................................. 6 Modules Specifications ............................................................................................................................................... 9 Network Traffic and Devices Monitoring .................................................................................................................... 9 Top Traffic Monitor (10067 / 20067) ...................................................................................................................... 9 Top Pairs Monitor (10064 / 20064) ...................................................................................................................... 12 Top Connections Monitor (10063 / 20063) .......................................................................................................... 15 Top Packets Monitor (10068 / 20068) ................................................................................................................. 18 Network Subnets Monitor (10011 / 20011) .......................................................................................................... 20 TCP Health Monitor (10060 / 20060) ................................................................................................................... 22 CBQoS Monitor (10065 / 20065) ......................................................................................................................... 24 Autonomous Systems Monitor (10066 / 20066) .................................................................................................. 26 Enhanced Traffic Monitor ......................................................................................................................................... 27 Top Traffic Monitor Geo Country (10967 / 20967) ............................................................................................... 27 Enhanced Traffic Monitor 2 ...................................................................................................................................... 31 Top Traffic Monitor Geo City (10867 / 20867) ..................................................................................................... 31 Network Bandwidth Consumption Monitor by Application for Blue Coat PacketShaper .......................................... 33 Network Bandwidth Consumption Monitor (10964 / 20964) ................................................................................ 33 Security .................................................................................................................................................................... 35 Hosts Geographical Location Monitor (10040 / 20040) ....................................................................................... 35 Botnet Command and Control Traffic Monitor (10050 / 20050) ........................................................................... 38 Host Reputation Monitor (10052 / 20052)............................................................................................................ 40 Threat Feeds Monitor (10053 / 20053) ................................................................................................................ 42 Email ........................................................................................................................................................................ 44 Outbound Mail Spammers Monitor (10025 / 20025) ............................................................................................ 44 Inbound Mail Spammers Monitor (10026 / 20026) .............................................................................................. 46 Unauthorized Mail Servers Monitor (10027 / 20027) ........................................................................................... 49 Rejected Emails Monitor (10028 / 20028) ........................................................................................................... 50 Services Monitor ...................................................................................................................................................... 51 DNS Monitor (10004 / 20004, 20005) .................................................................................................................. 51 Asset Access Monitor (10014 / 20014) ................................................................................................................ 55 Services Performance Monitor (10017 / 20017) .................................................................................................. 57 Cisco ASA Devices Monitoring ................................................................................................................................ 60 Top Bandwidth Consumers for Cisco ASA (10018 / 20018) ................................................................................ 60 Top Traffic Destinations for Cisco ASA (10019 / 20019) ..................................................................................... 62 Top Policy Violators for Cisco ASA (10020 / 20020) ........................................................................................... 63 Top Hosts with most Connections for Cisco ASA (10021 / 20021) ...................................................................... 65 Palo Alto Networks Devices Monitoring ................................................................................................................... 66 Top Bandwidth Consumers for Palo Alto Networks (10030 / 20030) ................................................................... 66 Top Traffic Destinations for Palo Alto Networks (10031 / 20031) ........................................................................ 68 NetFlow Optimizer User Guide 1 Hosts with Most Policy Violations for Palo Alto Networks (10032 / 20032).......................................................... 70 Most Active Hosts for Palo Alto Networks (10033 / 20033) ................................................................................. 71 Bandwidth Consumption per Application for Palo Alto Networks (10034 / 20034) .............................................. 73 Bandwidth Consumption per Application and Users for Palo Alto Networks (10035 / 20035) ............................. 74 VMware ................................................................................................................................................................... 76 Top VM:Host Pairs (10164 / 20164) .................................................................................................................... 76 Top VM Traffic Monitor (10167 / 20167) .............................................................................................................. 78 Utilities ..................................................................................................................................................................... 80 Sampling Monitor (10002 / 20002) ...................................................................................................................... 80 SNMP Information Monitor (10003 / 20003) ........................................................................................................ 82 Special Converters ..................................................................................................................................................... 84 Original Flow Data (20001) ...................................................................................................................................... 84 sFlow Data (20800, 20900) ..................................................................................................................................... 86 FDR Packeteer-2 Flow Data (20010) ....................................................................................................................... 88 Appendix ..................................................................................................................................................................... 94 NetFlow v5 - NetFlow v9 Field Types Mapping........................................................................................................ 94 NetFlow Optimizer User Guide 2 About this Guide Use this User Guide to learn about NetFlow Optimizer (NFO), its Modules and Converters, their functionality, inputs, outputs, and configuration

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    96 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us