Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
503
Views
0
Helpful
1
Replies

NBAR x NETFLOW

Go to solution
aamaral2006
Level 1
Level 1

‎07-22-2008 04:33 AM - edited ‎03-06-2019 12:23 AM

Today I use NBAR, and it works OK, We will implement the NETFLOW.

Can the Netflow replace the NBAR ?

I mean, will the Netflow show all information about applications that the NBAR shows ? . Or NBAR and NETFLOW are complementary management tools ?

TKS

Alexandre

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
garytayl
Level 3
Level 3

‎07-22-2008 08:44 AM

Alexandre,

I was provided with this answer a while ago. Hopefuly it will help you out as much as it helped me:

"NBAR and Netflow are two different tools that were designed for

different purposes. Netflow is a tool used to report traffic flows through

the router to a NETFLOW collector. Netflow is very flexible because it

allows you to update port numbers on the collector to keep up with new

protocols.

NBAR is a tool that was designed to make configuring QOS and policy

based routing easier. It was never meant to be an enterprise level reporting

utility. It allows you to use the "match protocol " command for

matching traffic for QoS classes. It also includes basic reporting, but it

is not nearly as good as Netflow for this duty. The main reason that Neflow

is better is that it is not limited by the number of protocols that it can

match. NBAR can only match protocols defined by Cisco and is not easy for

the customer to update. Netflow reports port numbers and puts the duty on

the Netflow collector to keep track of the protocol information. The good

part about this is that the Netflow collectors are much more up to date on

protocols than NBAR is."

View solution in original post

0 Helpful
1 Reply 1

Go to solution
garytayl
Level 3
Level 3

‎07-22-2008 08:44 AM

Alexandre,

I was provided with this answer a while ago. Hopefuly it will help you out as much as it helped me:

"NBAR and Netflow are two different tools that were designed for

different purposes. Netflow is a tool used to report traffic flows through

the router to a NETFLOW collector. Netflow is very flexible because it

allows you to update port numbers on the collector to keep up with new

protocols.

NBAR is a tool that was designed to make configuring QOS and policy

based routing easier. It was never meant to be an enterprise level reporting

utility. It allows you to use the "match protocol " command for

matching traffic for QoS classes. It also includes basic reporting, but it

is not nearly as good as Netflow for this duty. The main reason that Neflow

is better is that it is not limited by the number of protocols that it can

match. NBAR can only match protocols defined by Cisco and is not easy for

the customer to update. Netflow reports port numbers and puts the duty on

the Netflow collector to keep track of the protocol information. The good

part about this is that the Netflow collectors are much more up to date on

protocols than NBAR is."

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card