Benefits of using Cisco Netflow than Syslogs in ASA Firewall
With the introduction of Netflow functionality in ASA firewall version 8.2, most of the network monitoring tools that use syslogs are catching up with netflow. I'm wondering on the benefit of using Cisco Netflow than Syslog in ASA firewalls with network monitoring tools.
Netflow provides traffic(flow create and delete) and denied event information alone. Syslog provides traffic, denied, virus, VPN, admin and many more events.
So do anyone know the merits of switching to netflow protocol from syslog.
Re: Benefits of using Cisco Netflow than Syslogs in ASA Firewall
I think they are two complementory services. I would hate to go through syslogs to view my traffic flows, yet that's all Netflow does. I use them both and for me they both provide different critical services.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...