Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1978
Views
0
Helpful
3
Replies

Networking monitoring for cisco asa and cisco pix

donnie
Level 1
Level 1

‎05-19-2010 07:18 PM

Hi all,

I am currently using manage engine netflow to monitor my cisco routers(need to enable netflow). It is able to let me know the top source, destination, protocol in terms of network traffic. Pls advise what can i use to monitor my cisco asa and pix firewalls to produce the same reports. Thks in advance.

Labels:
0 Helpful
3 Replies 3

Don Jacob
Level 1
Level 1

‎05-25-2010 06:34 AM

Hi Don,

Cisco ASA supports NetFlow export from IOS version 8.1 onwards. Please ensure you are on the latest version of NetFlow Analyzer (version 8) and that you have the supported IOS or higher on the ASA.  The latest version of ManageEngine NetFlow Analyzer even lets you see  mapped IP Address for NAT translations.

Cisco ASA configuration has to be done as mentioned in the below link via ASDM:

https://supportforums.cisco.com/docs/DOC-6114;jsessionid=AB591CDEAFF6B779924BAC90890BEF10.node0

In the above mentioned config, please use the listener port set in your ManageEngine (9996 by default) instead of the 2055 mentioned in the link. In case you prefer to configure the ASA via CLI, check the below post:

http://forums.manageengine.com/?ftid=49000003577055

The latest version of ManageEngine can be downloaded from:

http://www.manageengine.com/products/netflow/

Regarding Cisco PIX, the device itself does not support NetFlow export and so it is not possible to monitor this device with NetFlow Analyzer or any such monitoring tool.

Regards,

Don Thomas Jacob

Technical Support Lead

ManageEngine  NetFlow Analyzer

_________________________________________

Regards, Don Thomas Jacob http://www.solarwinds.com/netflow-traffic-analyzer.aspx Head Geek @ SolarWinds NOTE: Please rate and close questions if you found any of the answers helpful.
0 Helpful

donnie
Level 1
Level 1
In response to Don Jacob

‎05-25-2010 05:52 PM

Hi Don,

THk you for your reply. Hence there is no other tool(inlcuding netflow) that allows me to monitor network traffic of my pix and ASAs with earlier IOS versions(below ver8)?

0 Helpful

Don Jacob
Level 1
Level 1
In response to donnie

‎05-26-2010 04:11 AM

Hi,

NetFlow Analyzer and such tools are based on NetFlow or similar flow format packets exported from your devices. Since Cisco introducted NetFlow support on ASA only from IOS version 8.1 onwards and PIX not supporting NetFlow export with any versions, it is not possible to minitor them using such tools.

The best option we can suggest in such a scenario is another product from ManageEngine called Firewall Analyzer. (www.fwanalyzer.com). You can use this product to monitor firewall appliances and get related reports based on syslog data. Feel free to reach the Firewall Analyzer support team at  fwanalyzer-support@manageengine.com if you have any questions.

Regards,

Don Thomas Jacob

Technical  Support Lead

ManageEngine   NetFlow Analyzer

_________________________________________

Regards, Don Thomas Jacob http://www.solarwinds.com/netflow-traffic-analyzer.aspx Head Geek @ SolarWinds NOTE: Please rate and close questions if you found any of the answers helpful.
0 Helpful
Customers Also Viewed These Support Documents