I am trying to clean up the access-lists in an ASA firewall. Due to the amount of traffic that goes though it, I have been having trouble getting a list of traffic that is actually travelling though the ASA.
I have been looking at the new Netflow feature of the ASA and it looks like this would be a big help.
Does anybody have any experience with any Netflow Analyzers with the ASA? A perfect solution would allow me to export a summary of all non-established traffic.
By no means am I selling a 3rd party product here. I have experience that the latest Solarwinds Orion and Plixer's Scrutinizer have worked well for what you want to do for many people.
Here is the wiki that explains it https://supportforums.cisco.com/docs/DOC-6113
I hope it helps.