A lot of unknown traffic.

Unanswered Question
Jun 14th, 2009

My goal is to reduce traffic loads and save some money.

Now I am exporting Netflow to AdventNet Netflow Analyzer - it is helping me to understand what traffic is passing through router. It gives a lot of useful information. But, I still have a lot of traffic that I can not classify - tcp and udp, random ports, googling gives no result. I want to have some kind of Intrusion Detection or Virus Detection software. Some soft that helps me to classify unknown traffic and probably say to me : this traffic is net worm activity. Or something like that. What solution you can advice (except - Cisco MARS)?

Thank you.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
abinjola Sun, 06/14/2009 - 21:39

you may either have signature definition .sdf install in the routers flash or have IDS module in the router (NMIDS)


This Discussion