I need to know if I can pull Netflow style data (Top Talkers, Top Sessions, etc) from ASA 5505s? We are looking at buying some but I need to be able to export this kind of data to my managment station which is also a collector. I have read on this forum that 8.2 and above should support Netflow but I have read conflicting information. Can anyone verify this for me? Also, if there are other options to get this information, I would like to know as well.
Yes, Cisco ASA FW running on software image code 8.2 and above support netflow, but version 9 only. Hence, third party tools such as Solarwinds Real-Time Netflow Analyzer cannot be used here, as this tool supports Netflow version 5 only.
Cisco’s NetFlow collector doesn’t support Cisco ASA as stated in this link;
For this reason, you might wanna look into ManageEngine Netflow Analyzer. This product supports Netflow version 9. Hence, you can configure your ASA to export NetFlow version 9 packets to this tool instead.
Cisco ASA configuration via ASDM for NetFlow can be seen from the below link;
Information on top talkers, applications, sessions, protocols, etc. is just the start. You can also get details on the top ACLs violated, events, extended events and usernames using NSEL exports. Watch the recorded ASA NSEL webcast for further details. Do you need to display this data in your existing management station?
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :