07-22-2008 04:33 AM - edited 03-06-2019 12:23 AM
Today I use NBAR, and it works OK, We will implement the NETFLOW.
Can the Netflow replace the NBAR ?
I mean, will the Netflow show all information about applications that the NBAR shows ? . Or NBAR and NETFLOW are complementary management tools ?
TKS
Alexandre
Solved! Go to Solution.
07-22-2008 08:44 AM
Alexandre,
I was provided with this answer a while ago. Hopefuly it will help you out as much as it helped me:
"NBAR and Netflow are two different tools that were designed for
different purposes. Netflow is a tool used to report traffic flows through
the router to a NETFLOW collector. Netflow is very flexible because it
allows you to update port numbers on the collector to keep up with new
protocols.
NBAR is a tool that was designed to make configuring QOS and policy
based routing easier. It was never meant to be an enterprise level reporting
utility. It allows you to use the "match protocol
matching traffic for QoS classes. It also includes basic reporting, but it
is not nearly as good as Netflow for this duty. The main reason that Neflow
is better is that it is not limited by the number of protocols that it can
match. NBAR can only match protocols defined by Cisco and is not easy for
the customer to update. Netflow reports port numbers and puts the duty on
the Netflow collector to keep track of the protocol information. The good
part about this is that the Netflow collectors are much more up to date on
protocols than NBAR is."
07-22-2008 08:44 AM
Alexandre,
I was provided with this answer a while ago. Hopefuly it will help you out as much as it helped me:
"NBAR and Netflow are two different tools that were designed for
different purposes. Netflow is a tool used to report traffic flows through
the router to a NETFLOW collector. Netflow is very flexible because it
allows you to update port numbers on the collector to keep up with new
protocols.
NBAR is a tool that was designed to make configuring QOS and policy
based routing easier. It was never meant to be an enterprise level reporting
utility. It allows you to use the "match protocol
matching traffic for QoS classes. It also includes basic reporting, but it
is not nearly as good as Netflow for this duty. The main reason that Neflow
is better is that it is not limited by the number of protocols that it can
match. NBAR can only match protocols defined by Cisco and is not easy for
the customer to update. Netflow reports port numbers and puts the duty on
the Netflow collector to keep track of the protocol information. The good
part about this is that the Netflow collectors are much more up to date on
protocols than NBAR is."
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide