Netflow Accumulates and Monitors Network Traffic Essay

Assignment 1. Introduction NetFlow is one of the networks technologies that need to be keep up rapidly. NetFlow is a network protocol developed to accumulate IP traffic data and monitor network traffic. Analyzing flow data, a picture of network traffic flow and volume can be built. Having a flow collector and data analyzer such as NetFlow, allows user to see where network traffic is coming and going to and how much traffic is being generated. The latest Cisco IOS innovation of NetFlow of version 9 is flexible and extensible method to record network performance data. A comprehensive solution for NetFlow-based, planning, monitoring and billing can provides to customers. 2. NetFlow Overview 2.1 Netflow Operation Figure 1: Cisco IOS NetFlow†¦show more content†¦Users can specify the router and aggregation scheme and desired time interval. 2.2 Netflow Security 2.2.1 Incident response and reducing MTTK It’s a CCTV system for enterprise that gives the light-weight nature of flow data that can be store weeks, month and years. Incident occurs when an information need to identify root cause and enact an orderly clean-up is in the flows. This is called reducing the Mean Time to Know (MTTK) and is invaluable to the security pro looking to reduce the impact of breach. 2.2.2 Provide deep situational awareness Security systems only alert when something is actively detected. A view that other systems struggle to provide. 2.2.3 Enable internal network visibility Figure 2: Internal Network As shown on Figure 2, Internet and perimeter-based firewalls, proxy servers, DLP solutions and other technologies. The access layer is where all the action is. This is where BYOD movement has its greatest impact in the network to monitor and bring security analysis such as smartphones and virtualized infrastructure at this layer. 2.2.4 Reduce cost of network security monitoring The larger and more distributed enterprise, the more value NetFlow will provide. Monitoring very high speed networks is much less expensive; NetFlow is a based security monitoring can be often result in cost savings ratio over traditional packet-based monitoring technologies. 2.2.5 Detect attacks without signatures Item that drives most interest in flow-basedShow MoreRelatedProject Mgmt296381 Words   |  1186 Pagesreserved. No part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written consent of The McGraw-Hill Companies, Inc., including, but not limited to, in any network or other electronic storage or transmission, or broadcast for distance learning. Some ancillaries, including electronic and print components, may not be available to customers outside the United States. This book is printed on acid-free paper. 1 2