Is there any way to proactively act upon netflow information?

Unanswered Question
Aug 18th, 2010

Netflow is very useful in providing info on bandwidth usage between pair  of devices. From what i know one can take reactive action (manual action) by blocking  certain traffic (if utilization starts affecting production traffic say  on WAN link) once the information is collected by netflow. What i want  to find out is, if there is any way, to set a threshold of bandwidth  usage for top talkers and if the usage is above that threshold then kill  the flow (without manual action - proactively) using say access-list on a wan interface or by shutting down  the access-port on lan side.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
kyukim Wed, 08/18/2010 - 08:52


Currently, there is no such functions in NetFlow to set threshold/shutdown flows.

Only TCAM Threshold exist on Switches to warn TCAM memory utilization for netflow cache. 



This Discussion