Cisco Support Community

Traffic visibility from outside the perimeter?

Hi,

I'm wondering what others do to get NetFlow-like information from the routers outside their perimeter firewalls.

As far as I can tell, my ASA has no NetFlow-exporting features. I could punch a hole in the firewall so the external router can send to the NetFlow collector, but what are my alternatives?

Websense will tell me about my outgoing TCP traffic, but what about incoming? An IPS will alert me to anomalous traffic, but what if I just want to see how our incoming bandwidth is being used?

I'd like to hear people's thoughts.

Thanks!

- Steve

1 REPLY

Re: Traffic visibility from outside the perimeter?

Steve-

The ASA5580 supports netflow, but that's a pretty big box. I punch a hole in the firewall for netflow data. I think that is more secure than adding a 2nd NIC in the server and connecting it to the perimeter router :-) I guess you could put a netflow server in the perimeter network too. Depends on how much money you want to spend and how tight your security policies are.

Hope that helps
