Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

5505 - netflow style data??

I need to know if I can pull Netflow style data (Top Talkers, Top Sessions, etc) from ASA 5505s?  We are looking at buying some but I need to be able to export this kind of data to my managment station which is also a collector. I have read on this forum that 8.2 and above should support Netflow but I have read conflicting information. Can anyone verify this for me? Also, if there are other options to get this information, I would like to know as well.

Thank you,

Everyone's tags (4)
2 REPLIES

5505 - netflow style data??

Hi Bro

Yes, Cisco ASA FW running on software image code 8.2 and above support netflow, but version 9 only. Hence, third party tools such as Solarwinds Real-Time Netflow Analyzer cannot be used here, as this tool supports Netflow version 5 only.

Cisco’s NetFlow collector doesn’t support Cisco ASA as stated in this link;

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6555/ps6601/prod_white_paper0900aecd80406232.html

For this reason, you might wanna look into ManageEngine Netflow Analyzer. This product supports Netflow version 9. Hence, you can configure your ASA to export NetFlow version 9 packets to this tool instead.

Cisco ASA configuration via ASDM for NetFlow can be seen from the below link;

http://blogs.manageengine.com/netflowanalyzer/2010/07/22/configuring-cisco-asa-netflow-via-asdm

Cisco ASA configuration via CLI for NetFlow can be seen from the below link;

https://supportforums.cisco.com/docs/DOC-6113

http://www.cisco.com/en/US/docs/security/asa/asa82/netflow/netflow.html

For further details on this subject, you could also refer to https://supportforums.cisco.com/thread/2071273

P/S: If you think this comment is useful, please do rate them nicely :-)

Warm regards, Ramraj Sivagnanam Sivajanam Technical Specialist/Service Delivery Manager – Managed Service Department
New Member

5505 - netflow style data??

Hi Jacob,

Information on top talkers, applications, sessions, protocols, etc. is just the start.  You can also get details on the top ACLs violated, events, extended events and usernames using NSEL exports.  Watch the recorded ASA NSEL webcast for further details. Do you need to display this data in your existing management station?

553
Views
5
Helpful
2
Replies
CreatePlease to create content